[VOIPSEC] VOIP Telephone exploitation
Klaus Darilion
klaus.mailinglists at pernau.at
Fri Oct 23 09:11:34 CDT 2009
brolen schrieb:
> Since the inception of your group, have you identified a clear cut
> strategy to detect, identify and guard against remote eavesdropping
> on a VOIP system such as the Cisco-IP phone. In addition, what tests
> are being used to identify the activation of the remote maintenance
> or remote observation features.
You can use the same techniques you are already using to prevent that
somebody eavesdrops your email/http connections, e.g.
- secure your LAN against ARP spoofing
- use encryption (IPsec, TLS+SRTP)
regards
klaus
>
> I would certainly like to hear from some of your members regarding
> the defenses and protections for VOIP systems that a company can
> logically employ.
>
> In addition, has anyone made any headway into the detection and
> removal of Trojans or rootkits on cellphones. This appears to be a
> rather large effort for attacking devices such as I-phones,
> Blackberrys etc.
>
> Thanks, Bob Rolen _______________________________________________
> Voipsec mailing list Voipsec at voipsa.org
> http://voipsa.org/mailman/listinfo/voipsec_voipsa.org
More information about the Voipsec
mailing list