Penetration Testing mailing list archives
Re: VoIP Attacks
From: infolookup () gmail com
Date: Fri, 25 Jul 2008 20:21:23 +0000
Try looking into Voip-Hopper I saw a nice video presentation of this from the Shmoocon 2008 security conference. Sent from my Verizon Wireless BlackBerry -----Original Message----- From: "Sergio Castro" <sergio.castro () unicin net> Date: Tue, 22 Jul 2008 08:31:59 To: <contebral () web de>; <pen-test () securityfocus com> Subject: RE: VoIP Attacks Well, you can do ARP poisoning to launch a MITM attack, and intercept VoIP calls, including DTMF tones. Then you can use a tone decoder to get the confidential banking numbers that where keyed into the IVR. Try using Cain for the VoIP intercept, and ToneDecoder for tone decoding. - Sergio -----Mensaje original----- De: listbounce () securityfocus com [mailto:listbounce () securityfocus com] En nombre de contebral () web de Enviado el: Viernes, 18 de Julio de 2008 04:49 p.m. Para: pen-test () securityfocus com Asunto: VoIP Attacks Hello Folks, Classical Attacks vectors against VoIP like SPIT (VOIP SPAM) and VoIP Phishing are well known and documented. i'm curious if there exists other client side attacks against voip that may compromise confidential calls e.g. Telephon Banking or similar applications. THX _____________________________________________________________________ Der WEB.DE SmartSurfer hilft bis zu 70% Ihrer Onlinekosten zu sparen! http://smartsurfer.web.de/?mc=100071&distributionid=000000000066 ------------------------------------------------------------------------ This list is sponsored by: Cenzic Top 5 Common Mistakes in Securing Web Applications Get 45 Min Video and PPT Slides www.cenzic.com/landing/securityfocus/hackinar ------------------------------------------------------------------------ __________ NOD32 3283 (20080721) Information __________ This message was checked by NOD32 antivirus system. http://www.eset.com ------------------------------------------------------------------------ This list is sponsored by: Cenzic Top 5 Common Mistakes in Securing Web Applications Get 45 Min Video and PPT Slides www.cenzic.com/landing/securityfocus/hackinar ------------------------------------------------------------------------
Current thread:
- VoIP Attacks contebral (Jul 22)
- RE: VoIP Attacks Sergio Castro (Jul 25)
- Re: VoIP Attacks infolookup (Jul 28)
- RE: VoIP Attacks Sergio Castro (Jul 25)