Re: Voice over IP

From: Andreas Östling (andreasoat_private)
Date: Fri Jun 15 2001 - 00:29:15 PDT

Next message: David Jacoby: "Re: finding webroot on IIS"

Previous message: Jim Utkin: "RE: How to become a professional penetration tester?"
In reply to: Young, Brandon: "Voice over IP"
Next in thread: John Bumgarner: "RE: Voice over IP"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Thursday 14 June 2001 17:47,  Young, Brandon wrote:
...
> A couple of colleagues and I are working on a security audit for a
> VOIP system. Anyone know of any exploits and vulnerabilities that may
> exist with Cisco's call manager? 
...

You may want to check out a tool by Niels Provos called "vomit" - voice over 
misconfigured internet telephones.
It's available from http://www.monkey.org/~provos/vomit/

"The vomit utility converts a Cisco IP phone conversation into a wave file 
that can be played with ordinary sound players. The phone conversation can 
either be played directly from the network or from a tcpdump output file. 
Vomit is also capable of inserting wavefiles into ongoing telephone 
conversations. Vomit can be used as a network debugging tool, a speaker 
phone, etc ..."

Have not tried it myself, yet.

Regards,
Andreas Östling

Next message: David Jacoby: "Re: finding webroot on IIS"
Previous message: Jim Utkin: "RE: How to become a professional penetration tester?"
In reply to: Young, Brandon: "Voice over IP"
Next in thread: John Bumgarner: "RE: Voice over IP"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Fri Jun 15 2001 - 16:30:14 PDT