Penetration Testing mailing list archives

Re: VoIP testing Help

From: Mark Teicher <mht3 () earthlink net>
Date: Fri, 22 Jul 2005 13:15:04 -0400 (GMT-04:00)

I am bit confused, so how does Cain and Abel help assess a VoIP solution.  Does it provide analysis of the device 
configuration ?? How does it provide detailed on analysis on PESQ, MOS, QOS and Jitter ??

-----Original Message-----
From: Hazim <hazim () scan-associates net>
Sent: Jul 21, 2005 10:34 PM
To: Clement Dupuis <cdupuis () cccure org>
Cc: 'Mark Sec' <mark.sec () gmail com>, security-basics () securityfocus com, 
        pen-test () securityfocus com, Voipsec () voipsa org
Subject: Re: VoIP testing Help

Clement Dupuis wrote:

Do take a look at Cain & Abel (www.oxid.it) they have a voip sniffer and it
does work ver well with some implementation.

On top of all that: it is FREE

Have fun

Clement


Clément Dupuis, CD
President/Security Evangelist/Chief Learning Officer (CLO)
CCCure Enterprise Security & Training Inc.
CISSP, GCFW, GCIA, Security+, CEH, CCSA, MBNS, MBIS, MBHS, CCSE, ACE
Tel: 954 364 8410 (Florida)
Tel: 514 907 1671 (Montreal)
Tel: 418 907 0263 (Quebec)
Fax: 636 773 6328 

Maintainer of :

The CISSP and SSCP Open Study Guides Web Site
http://www.cccure.org      

The Professional Security Testers Warehouse
http://www.professionalsecuritytesters.org

-----Original Message-----
From: Mark Sec [mailto:mark.sec () gmail com]
Sent: Wednesday, July 20, 2005 6:58 PM
To: security-basics () securityfocus com; pen-test () securityfocus com;
Voipsec () voipsa org
Subject: VoIP testing Help

Alo Folks:

Well now we have a audit over VoIP , we need whitepappers, tools ,
links...

the big problem may be are the tools, for example we need "examples"
or "PoC like sniffing over VoIP whith tools tcpdump and Ethereal, how
to convert the traffic to .wav file , Which are the strings over my
shell use tcpdump, opensource and comercial tools.

thanks for all ur help :-)

- Mark

I think Cain & Abel will have a problem with g723 codec. I've tried 
sniff using Ethereal and it works well. Just that u need some additional 
tools such as JmStudio and rptplay.

Current thread:

VoIP testing Help Mark Sec (Jul 20)
- Re: VoIP testing Help bytesman (Jul 21)
  - Re: VoIP testing Help David Eduardo Acosta Rodríguez (Jul 21)
    - RE: VoIP testing Help Clement Dupuis (Jul 21)
    - Re: VoIP testing Help okrehel (Jul 21)
- RE: VoIP testing Help Clement Dupuis (Jul 21)
- <Possible follow-ups>
- Re: VoIP testing Help Hazim (Jul 21)
- Re: VoIP testing Help Mark Teicher (Jul 22)
- Re: VoIP testing Help Mark Teicher (Jul 22)
  - Re: VoIP testing Help Mark Sec (Jul 27)
    - Re: VoIP testing Help Ozgur Ozdemircili (Jul 28)
- Re: VoIP testing Help druid (Jul 22)
- Re: VoIP testing Help James Moorer (Jul 22)
  - Re: VoIP testing Help Tobias Glemser (Jul 25)
- Re: VoIP testing Help Mark Teicher (Jul 25)
- VoIP testing Help Mark Teicher (Jul 28)