RE: VOIP as Gateway

["Ofir Arkin" <ofir () sys-security com>]

Hi,

You are talking about 2 totally different things here.

If I am calling to someone (I am using the regular PSTN) and he is using
an IP phone it is seamless from your end. His PSTN-VoIP gateway will
convert the signaling and voice samples from the PSTN based protocols to
VoIP based protocols and vice versa.


VoIP Network -------|GW|------ PSTN 


The risk here is to abuse the gateway from the PSTN side (GW/IP PBX). If
you get yourself on the GW/IP PBX that’s it...


Ofir Arkin [ofir () sys-security com]
Founder
The Sys-Security Group
http://www.sys-security.com
PGP CC2C BE53 12C6 C9F2 87B1 B8C6 0DFA CF2D D360 43FA 

-----Original Message-----
From: rginski () co pinellas fl us [mailto:rginski () co pinellas fl us] 
Sent: ו 01 מרץ 2002 20:25
To: pen-test () securityfocus com
Subject: VOIP as Gateway



I have read the particulars to VOIP and securing 
VOIP as an application. However, has anyone 
performed any pen testing or research on using VOIP 
as a gateway? 

For example, someone from the outside (not part of 
the VOIP network) dialing from home (etc) to an 
organization's VOIP-enabled phone. Then, using the 
VOIP-enabled phone as a gateway to the rest of the 
IP network? 

TIA

------------------------------------------------------------------------
----
This list is provided by the SecurityFocus Security Intelligence Alert
(SIA)
Service. For more information on SecurityFocus' SIA service which
automatically alerts you to the latest security vulnerabilities please
see:
https://alerts.securityfocus.com/



----------------------------------------------------------------------------
This list is provided by the SecurityFocus Security Intelligence Alert (SIA)
Service. For more information on SecurityFocus' SIA service which
automatically alerts you to the latest security vulnerabilities please see:
https://alerts.securityfocus.com/