Re: pentesting voip network-please help

[Todd Haverkos <infosec () haverkos com>]

Yiannis Koukouras <ikoukouras () gmail com> writes:

> Cain & Abel has also a very good VOIP sniffing feature. :)

Does it work in Cisco environments though?  I honestly don't know.

Absent a way to get onto the VOIP vlan , it's nice features would be
sadly useless.  In most Cisco deployments, the phones themselves and
all the call traffic are on a dedicated VLAN.

When I've done such assessments, I've used voiphopper under Linux to
dot he CDP dissection to find the VLAN and create the virtual
interfaces and grab DHCP and the like.  I also recall having to spoof
the MAC of my box to impersonate the Cisco phone I unplugged to find a
jack, as port security was in play along witha few other switch
features trying to spoil the fun which if you made a wrong move, the
port was entirely shut down and had to be reset by an administrator.  

At any rate, I'm curious what tools if any are available under Windows
to do deal with VLAN's, finding the VOIP vlan, and dealing with trunk
connection?  If Cain handles all that, it'd be nice to know.  Windows
still makes me nervous for such things as it is AWFULLY chatty on the
wire (and I've never had the need yet to figure out how many services
to disable to quiet it down to an innocuous level).  I'd be interested
in any tricks from other list members on this front too.

Best Regards, 
--
Todd Haverkos, LPT MsCompE
http://haverkos.com/

------------------------------------------------------------------------
This list is sponsored by: Information Assurance Certification Review Board

Prove to peers and potential employers without a doubt that you can actually do a proper penetration test. IACRB CPT 
and CEPT certs require a full practical examination in order to become certified. 

http://www.iacertification.org
------------------------------------------------------------------------