HackingVoIP Hints

Event:

Clues for Jan 15th Hacking VoIP

#HackingVoip For an attack on VoIP to be possible, only one side of the conversation needs to be using VoIP

#HackingVoip The use of cleartext protocols, the lack of proper authentication, and the complexity of deploying strong end-to-end security

#HackingVoip Listening to a voicemail system using insecure VoIP phones allows any person on the local segment to listen as well

#HackingVoip Insecure wireless access points and insecure VoIP technology can allow [anyone] to listen to your phones calls

#HackingVoip Organizations limit the spread of sensitive user information across their data networks. Voice networks using IP should, too

#HackingVoip IAX is the one protocol that does both session setup and media transfer

#HackingVoip Once the session is set up using SIP or H.323, the call is sent to the media protocol, which is RTP

#HackingVoip SIP is designed similar to HTTP, where methods like REGISTER, INVITE, FORWARD, LOOKUP, and BYE are used to set up call

#HackingVoip H.323 uses a collection of subprotocols, such as H.225, H.245, H.450, H.239, and H.460, to perform the session setup

#HackingVoip IAX does not use RTP for media transfer because the support is built into the protocol itself

#HackingVoip Usually digital phones are in business environments, analog in home environments. Neither are VoIP hard phones.

#HackingVoip SIP hard/soft phones are usually know as User Agents, while H.323 hard/soft phones are usually referred to as endpoints

#HackingVoip The authentication process in most VoIP deployment occurs at the session layer (SIP, H323, IAX).

#HackingVoip The most common default authentication for SIP is Digest authentication.

#HackingVoip When two phones are calling each other, they authenticate not to each other but to intermediate support servers.

#HackingVoip MAC addresses are sometimes used to authorize certain devices on VoIP networks.

#HackingVoip Encrypting VoIP traffic in both segments is often required. Authentication in SIP (signaling), audio in media (RTP)

#HackingVoip SIP usually listens on TCP or UDP port5060, but it can be configured to any port desired.

#HackingVoip Network port scanners can be used to enumerate SIP User Agents, Registrars, Proxy servers, and other SIP-enabled systems.

#HackingVoip ability to spoof a legitimate gatekeeper, Registrar, Proxy server, or other VoIP authentication entity can be quite harmful

#HackingVoip An attacker can monitor the network simply force a reboot by performing a DoS attack on the endpoint

#HackingVoip Infrastructure immune to users sniffing on the network or security attacks on TFTP, DNS, and DHCP is desperately needed

Comments on this entry are closed.

Previous post:

Next post: