[prev in list] [next in list] [prev in thread] [next in thread]
List: voipsec
Subject: Re: [VOIPSEC] VoIP Attack : How feasible
From: "Gupta, Sachin" <s-gupta2 () ti ! com>
Date: 2006-05-05 22:09:19
Message-ID: 772F5D89C5E0734B8A86D85DFC6A20240334658D () dlee03 ! ent ! ti ! com
[Download RAW message or body]
Tampering the messages at the router require physical access to it,
which is something similar to PSTN. Moreover Packets(Media & signaling)
may follow different route and they may be fragmented . So packets at
one router may not give sufficient information about the call/media. But
these attacks are very much possible the most immidiate router (as all
packets will pass thru this).
But still it needs somebody insider to carry these attacks. OR somebody
gained remote access to these routers.
Can you explain how would out of band SS7 will help previnting any such
attacks?
Sachin
-----Original Message-----
From: Hank Cohen [mailto:hcohen@hifn.com]
Sent: Friday, May 05, 2006 5:38 PM
To: Gupta, Sachin; voipsec@voipsa.org
Subject: RE: [VOIPSEC] VoIP Attack : How feasible
There are known vulnerabilities of Cisco routers.
Poorly managed network elements can be compromised.
People can be bribed.
Most Ethernet switches have port mirroring capabilities that could be
used.
DNS and BGP can be spoofed to misroute traffic.
It is probably easier to intercept within an enterprise but IP makes the
carrier infrastructure less secure than we have become accustomed to,
not more.
A big difference is that since the implementation of SS7 signaling has
been done out of band on the PSTN. In the Internet VoIP signaling (SIP)
runs over the same lines so unless the SIP messages are encrypted using
traditional VPN technology (IPsec/SSL/TLS) bogus signaling messages
could be injected by any nefarious user.
The PSTN wasn't that secure either but physical access generally
required an evesdropper to physically tap a line or gain access to a
central office switch so there was better physical security. The
Internet provides opportunites to gain access and have the results of
your intercept forwarded to you wherever you might be.
In short there are plenty of vulnerabilities. My list probably just
scratches the surface.
Hank Cohen
Hifn
> -----Original Message-----
> From: Voipsec-bounces@voipsa.org
> [mailto:Voipsec-bounces@voipsa.org] On Behalf Of Gupta, Sachin
> Sent: Friday, May 05, 2006 1:42 PM
> To: voipsec@voipsa.org
> Subject: [VOIPSEC] VoIP Attack : How feasible
>
> I have a very basic question here.
> How easy or feasible it is to launch any kind of attack on internet ,
> be it VoIP or anything else? Apart from the insider attack, how would
> somebody be able to read the data that i sent on wire.
> I can understand that such attacks are possible in an enterprise
> scenario, but do not understand the scenario in which somebody could
> launch these attacks over the internet.
> Can somebody provide some information here
>
> Thanks
> Sachin
> _______________________________________________
> Voipsec mailing list
> Voipsec@voipsa.org
> http://voipsa.org/mailman/listinfo/voipsec_voipsa.org
>
>
_______________________________________________
Voipsec mailing list
Voipsec@voipsa.org
http://voipsa.org/mailman/listinfo/voipsec_voipsa.org
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic