Penetration Testing mailing list archives
Re: pentesting voip network-please help
From: Todd Haverkos <infosec () haverkos com>
Date: Fri, 05 Feb 2010 12:05:56 -0600
Yiannis Koukouras <ikoukouras () gmail com> writes:
Cain & Abel has also a very good VOIP sniffing feature. :)
Does it work in Cisco environments though? I honestly don't know. Absent a way to get onto the VOIP vlan , it's nice features would be sadly useless. In most Cisco deployments, the phones themselves and all the call traffic are on a dedicated VLAN. When I've done such assessments, I've used voiphopper under Linux to dot he CDP dissection to find the VLAN and create the virtual interfaces and grab DHCP and the like. I also recall having to spoof the MAC of my box to impersonate the Cisco phone I unplugged to find a jack, as port security was in play along witha few other switch features trying to spoil the fun which if you made a wrong move, the port was entirely shut down and had to be reset by an administrator. At any rate, I'm curious what tools if any are available under Windows to do deal with VLAN's, finding the VOIP vlan, and dealing with trunk connection? If Cain handles all that, it'd be nice to know. Windows still makes me nervous for such things as it is AWFULLY chatty on the wire (and I've never had the need yet to figure out how many services to disable to quiet it down to an innocuous level). I'd be interested in any tricks from other list members on this front too. Best Regards, -- Todd Haverkos, LPT MsCompE http://haverkos.com/ ------------------------------------------------------------------------ This list is sponsored by: Information Assurance Certification Review Board Prove to peers and potential employers without a doubt that you can actually do a proper penetration test. IACRB CPT and CEPT certs require a full practical examination in order to become certified. http://www.iacertification.org ------------------------------------------------------------------------
Current thread:
- pentesting voip network-please help mzcohen2682 (Feb 02)
- RE: pentesting voip network-please help 김무성 (Feb 03)
- RE: pentesting voip network-please help McGhee, Eddie (Feb 03)
- Re: pentesting voip network-please help Yiannis Koukouras (Feb 05)
- Re: pentesting voip network-please help Todd Haverkos (Feb 07)
- Message not available
- Re: pentesting voip network-please help Yiannis Koukouras (Feb 07)
- Re: pentesting voip network-please help Nick (Feb 09)
- Re: pentesting voip network-please help Yiannis Koukouras (Feb 05)