Penetration Testing mailing list archives

Previous By Date Next
Previous By Thread Next

Re: VoIP pentest ?

From: Ofir Arkin <ofir () sys-security com>
Date: Sat, 30 Oct 2004 11:09:48 +0200
Frederic,

You might wish to read:
Security Risk Factors with IP Telephony based Networks

Found at:
http://www.sys-security.com/html/projects/VoIP.html

Although it is not targeting H.323, it speaks about the generic risk
factors to VoIP.
Yours,

Ofir Arkin
Founder,
The Sys-Security Group
http://www.sys-security.com

On Oct 27, 2004, at 11:28 AM, Frederic Charpentier wrote:


Hi all,
does anyone have experiences or papers on VoIP pentest/assessment ?
Expecting classic OS/Network audits and H323/ASN.1 flaws, I can't find
any documentations or papers about flaws in VoIP architecture.

Fred.
----------------------------------------------------------------------- ------- 
Internet Security Systems. - Keeping You Ahead of the Threat
When business losses are measured in seconds, Internet threats must be stopped before they impact your network. To learn how Internet Security Systems keeps organizations ahead of the threat with preemptive intrusion prevention, download the new whitepaper, Defining the Rules of Preemptive Protection, and end your reliance on reactive security technology. 
http://www.securityfocus.com/sponsor/ISS_pen-test_041001
----------------------------------------------------------------------- --------
Previous By Date Next
Previous By Thread Next

Current thread: