-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 All, A couple of colleagues and I are working on a security audit for a VOIP system. Anyone know of any exploits and vulnerabilities that may exist with Cisco's call manager? One thing we have found is that the traffic can be sniffed during phone calls. TCP is used for the initial connection setup and then once the phone has setup a session to the call manager it then uses the RTP protocol. We found that the conversation is placed in the PCMU audio codec. We are looking to find a way to extract the payloads and reassemble the audio so that we can play back the phone conversations. We are also looking at launching a man in the middle attack and getting access to the conversation and trying and listen to it in real time instead of capturing and replaying. Any ideas on some possible ways to execute this? Thanks in advance, //CALENCE Brandon Young Consultant - Consulting Services 480.889.9736 byoungat_private www.calence.com -----BEGIN PGP SIGNATURE----- Version: PGPfreeware 7.0.3 for non-commercial use <http://www.pgp.com> iQA/AwUBOyjc1HTH1Q5UAycjEQLCfgCfaesfZXb/E35EaTqE9sZdcPCZlGsAoJxf wh1QNRb61/lEJMHS5LhUDMS6 =atyJ -----END PGP SIGNATURE-----
This archive was generated by hypermail 2b30 : Thu Jun 14 2001 - 12:20:19 PDT