Recent Posts

Search Blog

  • Search Blog
    Google

    WWW
    voipsecurityblog.typepad.com
Subscribe to this blog's feed

Archives

More...

Conferences

General Articles

Advisories

Skype Articles

« Two New Authors on This Blog | Main | Presentation Describing How to Do Remote Eavesdropping on A Cisco Phone »

Our Tools Are Being Used

Regular readers of this blog know that the open-source tools developed in conjunction with the Hacking Exposed VoIP book were published on www.hackingexposedvoip.com more-or-less coincident with the availability of the book. In addition to questions we've received for some of the tools, I'll occasionally search the Net looking for evidence the tools are being used or discussed. All of the tools are now referenced by several VoIP hacking/security training courses. Anecdotal evidence suggests the most popular tools are rtpinsertsound and rtpmixsound. This is not unexpected since those tools are used to demo the vulnerability of VoIP endpoints to RTP audio attacks independently of the signaling protocol used. Frankly, those were also the most fun tools to write and test (perhaps besides spitter).

Occasionally, we'll receive an e-mail request for help building or adapting one of our tools. Recently, one engineer has sought help adapting the SIP redirectpoison tool from use on an Ethernet network to a WiFi network. That's a cool idea. Most of the tools presume the tool platform has achieved at least a sniffing position. What could be easier than sniffing a WiFi network? We'll endeavor to keep you posted on his progress.

Another engineer recently requested help with sip_rogue. That tool is a bit more challenging than the other tools since it requires the entry of several commands to configure the minimum number of sip_rogue "objects" required to make the tool function in even a minimal way. Even though development of the tools (at least those produced by SecureLogix) were on the fast track and none are claimed to be "production quality", sip_rogue is admittedly buggy. Those attempting to employ sip_rogue must possess a somewhat hardier constitution. One guy has stepped to the plate. Perhaps there have been others?

Whether you've attempted to use the tools and succeeded or failed, we'd be happy to hear about it.

Mark O'Brien

March 04, 2008 in VoIP Security Tools |

Comments

A friend of mine pointed out your entry to me, and it's nice to see myself mentioned in your blog. I will keep you updated, or Mark can fill you in.

Chase

Posted by: Chase Pollock | March 13, 2008 at 07:15 AM

Post a comment

If you have a TypeKey or TypePad account, please Sign In

About

My Photo
Add me to your TypePad People list

My Articles/Quotes

VoIP Security Blogs/Links

Tools

Podcasts

Books

Interesting Documents

Interesting Presentations

SPIT/Voice SPAM

Phishing