« New Wardialing Tool - WarVOX | Main | Headed out to Voicecon »

March 19, 2009


Paul Sand

This attack is actually quite successful in a typical enterprise. Media Gateways really don't molest the payload of most VoIP calls. The Media Gateways almost always interconnect to the PSTN with ISDN-PRIs. The VoIP traffic almost always is G.711. Both the ISDN-PRIs and G.711 use mu-law PCM encoding. This means the media gateway does absolutely no transcoding and thus does not introduce any loss. Salare Security will shortly be releasing a white paper addressing this particular myth of media gateways. I'll post back when it is ready to go.

The counter measures suggested do not work. The endpoints used in a Vunneling exploit are authenticated IP phones and softphones. Relying on "edge security devices" does not work either. The edge security devices capable are not capable of examining the content of the VoIP media channel -- it very likely is encrypted and the impact of doing something like this would be disastrous to latency and jitter. The only solution I know that can defend against this exploit is Salare's vPurity appliance or OEM software.

Paul Sand

Salare Security has just released the white paper ("Easy Out") I mentioned in a previous comment. The white paper can be found at https://www.salaresecurity.com/EasyOut.html. Data can be stolen through VoIP Media Gateways, the white paper explains how it can be easily be done.


A very good solution for voip tunneling and encryption can be found at mizutech: https://www.mizu-voip.com/Products/VoIPTunnel.aspx
(both server and client side solutions)

The comments to this entry are closed.

My Photo

Search Blog

  • Search Blog


Become a Fan

Telephony Denial of Service (TDoS)