Slashdot Mirror

← Back to Stories (view on slashdot.org)

Expert Unveils 'Scary' VoIP Hack

Posted by Zonk on from the keep-it-close-to-your-chest dept.

Kurtz'sKompund passed us a link to a Techworld article on a frightening new vulnerability for VoIP. The UK's Peter Cox has put together a proof-of-concept software package to illustrate the flaw, a program he's calling SIPtap. "The software is able to monitor multiple Voice-over-IP (VoIP) call streams, listening in and recording them for remote inspection as .wav files. All that the criminal would need would be to infect a single PC inside the network with a Trojan incorporating these functions, although the hack would work at ISP level as well. The program can index 'IP-tapped' calls by caller - using SIP identity information - and by recipient, and even by date."

5 of 103 comments (clear)

  1. More Info? by __aajwxe560 · · Score: 4, Interesting

    I read TFA and I didn't see any information that makes this any different than using Wireshark to capture and reassemble the packets and do this (it is fairly easy)? What is so drastically advanced about this discovery? Additionally, isn't a switched network generally protected by this unless a port is specifically configured for packet forwarding? That would be one spiffy trojan to hack into the switch as well and configure this. Also, most VOIP installs I have seen have, at the vendors install requirement, the VOIP phones be on their own VLAN from the data side of the network, further limiting the exposure?

  2. Uhh.. Yes.. by zoid.com · · Score: 4, Interesting

    We use this method to record call center traffic. Have a look at Orecx http://www.orecx.com/ . This is not a hack. Also switches will not send the traffic to all systems on the network so you will have to turn on SPAN or use a dumb hub. No news here.

    --
    Zoid.com
    1. Re:Uhh.. Yes.. by silas_moeckel · · Score: 3, Interesting

      And it is impossible to do with a decent switch. Cisco and the like are more than capable of stopping this sort of attack. This is not to say that we should not continue down the path to encrypted sip.

      --
      No sir I dont like it.
  3. Re:zfone by JackMeyhoff · · Score: 2, Interesting

    How do you know? From their advertisement or have you checked? I never take things on face value. Anyway, if they really want to listen you stand no chance.

    --
    http://www.rense.com/general79/wdx1.htm
  4. Re:Need help from service providers to fix this! by integral-fellow · · Score: 2, Interesting

    Has anyone else tried Phil ZimmermanN's Zfone? Available on OS X, Linux, and windows, it does end-to-end (up to applications) encryption, from the father of PGP. The code is available for review. The interface is quite slick and his reputation is platinum. Is there anyone else trusted more? It works with many sip clients: X-Lite, Gizmo, XMeeting, Google Talk VoIP client, SJphone, and Asterisk PBXs. It also works with iChat audio and video and these VoIP providers: Free World Dialup, iptel.org, and SIPphone. It does not work with Skype.