The FCC is requesting comments on a proposal that is intended to limit the use of prerecorded calls for telemarketing. This proposal, depending on how it ends up looking, may have a positive impact on controlling SPIT, when that actually becomes a problem:
While listening to one of the most recent bluebox podcasts, there was a comment about whether or not VoIP might create threats that "could take down the PSTN". I am not sure VoIP can take down the PSTN, but it could be used to create attacks that affect the PSTN and enterprises that connect to it. For example, it is very difficult to create a DoS condition with traditional TDM networks. If you wanted to flood another enterprise with calls, you would need some sort of sophisticated/expensive dialer (or a boat load of friends) and some high capacity interfaces to the PSTN (at least enough to generate the number of calls needed to overwhelm the target). With VoIP, this could be a lot easier. You could for example run a program like our "inviteflood" tool or any VoIP load generator and introduce a ton of calls to the PSTN. If the originating site had a high capacity VoIP link to the public network or at least quite a few DS1s hanging off a media gateway, you could possibly flood another site with calls. If you were able to run this sort of program at multiple sites, you could generate even more calls. Perhaps a worst case scenario would be a virus/worm that is widely distributed, that "wakes up" and generates thousands/millions of calls, all of which target one or more enterprises (or government sites). The point here is that VoIP makes it much easier to generate many calls. You don't need specialized hardware, you just need a program that can generate calls. Of course you need access to a VoIP network and must be able to generate large numbers of calls.
I thought up an interesting attack, that you could use our rtpinsertsound tool for. I sorta described this in our book, but not explicitly. Here goes. The rtpinsertsound tool can be used to insert sounds and words into a VoIP conversation. The tool requires you to "see" the conversation, because it needs to observe the RTP SSRC, sequence numbers, and timestamps (so it can properly insert new audio). When this tool observes this data, it will "play" the new sound in a way that tricks the target into using it, in preference over the real audio.
Assuming you have access to the RTP, it is also possible that you could be listening to it in real time. If you are able to do this, you could have an rtpinsertsound command all set up to run and if you time it right, you can use the command to replace a word or phrase. Say for example you are listening to a stock trade. You have an rtpinsertsound command ready to run (just hit return) that inserts a word like "buy" or "sell". If you are listening to the conversation, you could probably predict when a word like this is about to be stated. With the right timing, you could in essence "replace" a word.
This is just one example. I am sure there are many others. Feel free to play with this and other tools we have put on www.hackingvoip.com.