Blue Box listener Frank Leonhardt clued us in to the fact that VoIP Hopper 0.9.9 was released back on February 19th. VoIP Hopper is a tool that allows you to “hop” between the data a voice VLANs (or any other VLANs) that was written primarily because the authors were tired of hearing people say that VLANs were a true security mechanism (Hint: They’re NOT!). We’ve written about it before and talked about on a Blue Box episode and a Telcom Junkies show and it is indeed an interesting test tool. Per the release notice, this version 0.9.9 has these new features:
- CDP Generator! VoIP Hopper can generate CDP packets in order to discover the Voice VLAN ID, as any IP Phone based on CDP would do. In this CDP spoof mode, VoIP Hopper will send two CDP packets in order to decipher the VVID, then it will iterate between sleeping for 60 seconds, and sending another packet. Not only is this faster than CDP sniffing, but it can also help bypass any mechanisms that rely on CDP for permitting access to the Voice VLAN.
- Voice VLAN Interface Delete: VoIP Hopper can delete the created Voice
Interface- MAC Address Spoof, then exit: VoIP Hopper can change the MAC Address of
an interface offline and exit, without VLAN Hopping.
You can visit the VoIP Hopper site to learn more.
Technorati Tags:
voip, security, voip security, voip security tools, voip hopper, vlans