[VOIPSEC] Voipsec Digest, Vol 44, Issue 8
Mark Collier
mark.collier at securelogix.com
Wed Aug 20 10:02:26 CDT 2008
Also, we are about to release new versions of the tools, including a GUI
that lets you pick calls, select up to 10 files/sounds to insert/mix in, and
listen so you can time the attacks. The new tool does not expose some of the
command line parameters, so it may not help you, but you may still want to
try it out. We will be providing it on our blog at www.voipsecurityblog.com.
We will also post an entry here and on the VoIPSA blog when the tools are
available.
Mark
-----Original Message-----
From: voipsec-bounces at voipsa.org [mailto:voipsec-bounces at voipsa.org] On
Behalf Of voipsec-request at voipsa.org
Sent: Wednesday, August 20, 2008 6:00 AM
To: voipsec at voipsa.org
Subject: Voipsec Digest, Vol 44, Issue 8
Send Voipsec mailing list submissions to
voipsec at voipsa.org
To subscribe or unsubscribe via the World Wide Web, visit
http://voipsa.org/mailman/listinfo/voipsec_voipsa.org
or, via email, send a message with subject or body 'help' to
voipsec-request at voipsa.org
You can reach the person managing the list at
voipsec-owner at voipsa.org
When replying, please edit your Subject line so it is more specific
than "Re: Contents of Voipsec digest..."
Today's Topics:
1. Re: rtpinsertsound problem (Dustin D. Trammell)
----------------------------------------------------------------------
Message: 1
Date: Tue, 19 Aug 2008 22:21:52 -0500
From: "Dustin D. Trammell" <dtrammell at dustintrammell.com>
Subject: Re: [VOIPSEC] rtpinsertsound problem
To: Joany BOUTET <boutet.joany at gmail.com>
Cc: voipsec at voipsa.org
Message-ID: <1219202512.9050.94.camel at localhost>
Content-Type: text/plain
On Tue, 2008-08-19 at 12:11 +0200, Joany BOUTET wrote:
> I am a student; trying to test rtpinsertsound tool but that doesn't
> work for me !
I would suggest checking two things:
First, the way those tools work are by replacing (or mixing) the audio
and crafting a new packet with an incremented packet ID by a few values.
This packet is then sent in an attempt to beat the legitimate packet
with the same value. If the legitimate packet is winning the race, the
injected audio will not be heard. Try increasing the value by which the
ID is incremented. This is accomplished with command-line option '-f',
for spoof factor.
Second, version 3.0 of the tools will auto-identify the RTP ports for
you; you shouldn't need to do this manually with the -A and -B options
unless there are a LOT of other calls happening and the tool is
auto-selecting the wrong one, or you just want to verify that the tool
is identifying the correct ports with Wireshark. Make sure you're
running the most recent versions of the tools, which you can grab from
the Hacking VoIP Exposed website:
http://www.hackingvoipexposed.com/sec_tools.html
--
Dustin D. Trammell
dtrammell at dustintrammell.com
http://www.dustintrammell.com
------------------------------
_______________________________________________
Voipsec mailing list
Voipsec at voipsa.org
http://voipsa.org/mailman/listinfo/voipsec_voipsa.org
End of Voipsec Digest, Vol 44, Issue 8
**************************************
More information about the Voipsec
mailing list