Security Basics mailing list archives
RE: A different kind of security problem?
From: "Alan Greig" <Alan.Greig () Ogilvie co uk>
Date: Tue, 19 Jul 2005 20:38:12 +0100
Hello Keenan, When you say the network that supports your VOIP traffic do you have a VOIP solution that has a number of IP Endpoints and a main VOIP server / switch that offers connection to the traditional telephone network or are all of your endpoints hooked into some form of pay on use VOIP network? If its the latter have you mentioned the music to the provider? If it's the former what level of logging is available on the main VOIP switch in that can you ascertain which endpoints were involved in the calls? Alan -----Original Message----- From: Smith, Keenan C. [mailto:Keenan.Smith () jhuapl edu] Sent: 18 July 2005 18:52 To: security-basics () securityfocus com Subject: A different kind of security problem? All, Okay, this is one that requires squinting your eyes a bit and turning your head to really be a security issue but if you stick with me, I think you'll see where I'm going with this one. A recently installed VOIP system in my company works well most of the time. However in a few cases, we've heard music on the line that was not being generated by either end. In one case, one of our VOIP phones was being used to access a bridge for a conference call. There were 15 or 20 folks on the call and at one point during the call loud rock music begin playing. The phone was hung up since voices could not be heard over the music. We found out later that not only had everyone else on the call hear the music but it ended when we disconnected from the call. In another case, one of our VOIP phones was being used to call a residential number. Again, towards the end of the call music begin playing. However, this time it was soft jazz. In both cases the music was not being generated by any of the participants and none were on hold so hold music was not the culprit. My thought is that we're experiencing a bleed through or cross-talk from other traffic on the same network hosting the VOIP traffic. If that is indeed the case, my question to the group at large is this: does that indicate a possible vulnerability of some sort in the protocols that support VOIP? Is this something that could be exploited to eavesdrop or even route a call to an unknown destination? I Googled for this but didn't find much about it. Thoughts? Keenan Smith CONFIDENTIALITY NOTICE: This email and any attachments may be confidential. They may contain privileged information and are intended for the named addressee only. They must not be distributed without our consent. If you are not the intended recipient, please notify us immediately and delete the message and any attachments from your computer, do not disclose, distribute, or retain this email or any part of it. DISCLAIMER: Internet communications are not secure and therefore Ogilvie Group Ltd does not accept legal responsibility for the contents of this message. Unless expressly stated, opinions in this email are those of the individual sender and not of Ogilvie Group Ltd. Ogilvie Group Ltd checks outgoing e-mails with anti-virus software that is regularly updated however this does not guarantee that any files attached to this e-mail are virus free. You must therefore take full responsibility for virus checking. Ogilvie Group Ltd reserves the right to monitor all email communications through their networks.
Current thread:
- A different kind of security problem? Smith, Keenan C. (Jul 19)
- Re: A different kind of security problem? NewYork User (Jul 20)
- <Possible follow-ups>
- RE: A different kind of security problem? Stephane Auger (Jul 20)
- RE: A different kind of security problem? Alan Greig (Jul 20)
- Re: A different kind of security problem? prod92a (Jul 21)
- Re: Re: A different kind of security problem? ayman_m_galal (Jul 21)
- Re: A different kind of security problem? bnottle (Jul 22)