http://news.cnet.com/8301-1009_3-10052393-83.html By Robert Vamosi Security CNET News September 26, 2008 Jason Ostrom of VoIP Hopper on Saturday plans to release his next-generation VoIP sniffer at Toorcon in San Diego to help raise awareness of the type of vulnerabilities businesses face as they adopt unified communications (UC) technology. He told CNET News that the tool, UCSniff, has two settings. One is a learning mode, sniffing all the IP traffic then mapping telephone extensions to specific addresses. By default, it is capturing all the calls and saving them to wave files. The other setting is a bit more creepy: targeting conversations. After learning the IP addresses of the phone system, someone using UCSniff can listen to all the VoIP, or voice over Internet Protocol, conversations made by a specific user, say the CEO. That's user mode. A second mode, conversation mode, allows someone to monitor calls made exclusively between two extensions, say only when the CEO calls the CFO. "So it's like dynamic ARP poisoning," Ostrom explained, referring to Address Resolution Protocol spoofing. "The tool, on the fly, figures out how to do the ARP poisoning for you so you're not intercepting the traffic of phones that you do not want to intercept." [...] __________________________________________________ Register now for HITBSecConf2008 - Malaysia! With a new triple-track conference featuring 4 keynote speakers and over 35 international experts, this is the largest network security event in Asia and the Middle East! http://conference.hackinthebox.org/hitbsecconf2008kl/Received on Mon Sep 29 2008 - 00:26:01 PDT
This archive was generated by hypermail 2.2.0 : Mon Sep 29 2008 - 00:35:49 PDT