[ISN] Sipera Develops VoIP Spy Program - to Prove a Point

From: InfoSec News <alerts_at_private>
Date: Sat, 11 Oct 2008 02:03:54 -0500 (CDT)

By Adam Stone
VOIP Planet.com
October 6, 2008

Can someone eavesdrop on your enterprise VoIP calls? Almost certainly. 
It hasn't been talked about much in the press but the simple fact is, 
these networks are vulnerable to snooping.

Jason Ostrom is ready to prove it.

As director of Sipera Systems' VIPER (Voice over IP Exploitation 
Research) Lab, Ostrom has been busy devising ways to sniff out VoIP 
vulnerabilities. He's just released VIPER's latest offering, UCSniff, a 
free tool capable of listening in on calls within an enterprise. Lots of 

UCSniff has two modes. First it can 'learn,' discovering all phones and 
extensions on a network and mapping their addresses. Within learning 
mode the program also can launch a 'directory module,' sucking out 
contact data from a user's directory and adding that information to its 
own directory.

Having learned its way around the system, UCSniff can then 'target' 
users for eavesdropping, picking out individual phones by extension in 
order to zero in on calls made by a particular caller.

It gets better. Rather than just hearing one side of a conversation, 
UCSniff is bi-directional. Using G.711 and G.722 codecs, the program can 
automatically listen in on and record both sides of a conversation. This 
has ramifications. Suppose the VP of Sales is chatting about strategy 
with the CEO. What's it worth to the competition to know what is being 
said? If UCSniff can hear it, that's pretty solid evidence that the bad 
guys can too.


Register now for HITBSecConf2008 - Malaysia! With 
a new triple-track conference featuring 4 keynote 
speakers and over 35 international experts, this 
is the largest network security event in Asia and 
the Middle East! 
Received on Sat Oct 11 2008 - 00:03:54 PDT

This archive was generated by hypermail 2.2.0 : Sat Oct 11 2008 - 00:14:45 PDT