Slashdot Mirror

← Back to Stories (view on slashdot.org)

VoIP Security

Posted by CmdrTaco on from the this-is-the-future-people dept.

An anonymous reader writes "Whitedust are running an interesting article on the security aspects of VoIP. From the article: "The fact that VoIP operates across standard networks makes it vulnerable to all manner of IP hacking - including man in the middle attacks,sniffing, session hijacking, etc." Considering it's recent growth, how secure is VoIP?" PCM2 sent us a wired bit about Phil Zimmerman of PGP working on a privacy system for Voice over IP calling

6 of 188 comments (clear)

  1. The Dumbing-Down of America...part XXVII by TripMaster+Monkey · · Score: 5, Informative

    From TFA:
    is an umbrella term used forthesoftware
    some more introductionary information
    Considerating the stability and reliability of the tradional telephony networks
    so it's roll out is most likely inevidable.
    particular relevence to most
    VoIP and it's implementation.
    And all these errors are in just the introduction.

    Now, I don't expect perfection, but the sheer amount of errors present here is beyond the pale, and renders the reader incapable of trusting the subject matter presented, or taking the author seriously.

    Mr. Anderson, about 98% of the errors in your article could have been avoided by the use of a simple spell-checker. Nowadays, people don't actually need to know how to spell, as we have software to do that for us...but you have to actually use the software.
    --
    ____

    ~ |rip/\/\aster /\/\onkey

  2. Man in the middle. by matt21811 · · Score: 5, Interesting

    I have never worried about man in the middle attacks on the internet. To be successful, it requires very good access to my ISP or the backbone carrier's network which is hard to do. Even if they can get that access all they can do is listen to my calls, have a chat with me and the other person or maybe hang up the call. Any attacker listening to my calls is going to get very bored very quickly. If they do the later two, it could cause them to get caught because I'll complain about the problem.

    The only security problem I see is if the attacker can learn information that lets him make calls billed to my account. This becomes the VOIP vendors problem anyway. When I notice something wrong with the bill I'll do a chargeback on my credit card for the bill and simply change VOIP providers. If this happens a lot, the VOIP vendor will do something about their security problem.

    Or am I missing something?

    1. Re:Man in the middle. by Tony+Hoyle · · Score: 5, Informative

      If you're using VOIP as a transparent replacement to POTS there's no change.

      POTS is wide open to MIM attacks.. in fact anyone with a cheap earpiece can do it - no need for a PC even.

  3. Cain and VoIP Sniffing by Anonymous Coward · · Score: 5, Informative

    There is a program called Cain that can sniff VoIP traffic (as well as other things) and turn it into a wav file if it understands the codec. There is a video on how it works at: http://www.irongeek.com/i.php?page=videos/cainvoip 1

  4. No discussion about this, w/out VoIPsec list by papaia · · Score: 5, Informative

    Please visit the VoIPsec archives, before assuming that any one article could cover it all. There you could find links and comments from some of the most pertinent contributors to this subject.

    --
    == With enough Will Power, one could move mountains. With enough Brains, one would just leave them where they are ==
  5. How secure is the PSTN? by Sketch · · Score: 5, Interesting

    Considering I can walk up to 90% of the houses on the street. open up the phone box, and plug a lineman's handset (or anything else) into the phone line...how secure is the PSTN?

    If you think the PSTN is really secure, you might want to look through some old issues of 2600...

    --
    -- OpenVerse Visual Chat: http://openverse.com