Penetration Testing mailing list archives

Re: pentesting voip network-please help


From: Nick <godaemon () gmail com>
Date: Tue, 09 Feb 2010 09:25:44 +0200

Yiannis Koukouras wrote:
Unfortunately not. Cain is basic in this category.
It's true, if you want it to be done seriously....Backtrack is the answer...

To do something seriously the only way is to have knowledge of it.
If you have knowledge about the subject then you are going to find the right "tool"
N
Ioannis (Yiannis) Koukouras
CISSP, CISA, CISM
MSc in Computer Systems Security
BEng in Electronic Engineering
http://www.linkedin.com/in/ikoukouras


On Fri, Feb 5, 2010 at 8:05 PM, Todd Haverkos <infosec () haverkos com> wrote:
Yiannis Koukouras <ikoukouras () gmail com> writes:

Cain & Abel has also a very good VOIP sniffing feature. :)
Does it work in Cisco environments though?  I honestly don't know.

Absent a way to get onto the VOIP vlan, its nice features would be
sadly useless.  In most Cisco deployments, the phones themselves and
all the call traffic are on a dedicated VLAN.

When I've done such assessments, I've used voiphopper under Linux to
do the CDP dissection to find the VLAN and create the virtual
interfaces and grab DHCP and the like.  I also recall having to spoof
the MAC of my box to impersonate the Cisco phone I unplugged to find a
jack, as port security was in play along with a few other switch
features trying to spoil the fun which if you made a wrong move, the
port was entirely shut down and had to be reset by an administrator.

At any rate, I'm curious what tools if any are available under Windows
to deal with VLANs, finding the VOIP vlan, and dealing with trunk
connection?  If Cain handles all that, it'd be nice to know.  Windows
still makes me nervous for such things as it is AWFULLY chatty on the
wire (and I've never had the need yet to figure out how many services
to disable to quiet it down to an innocuous level).  I'd be interested
in any tricks from other list members on this front too.

Best Regards,
--
Todd Haverkos, LPT MsCompE
http://haverkos.com/

------------------------------------------------------------------------
This list is sponsored by: Information Assurance Certification Review Board

Prove to peers and potential employers without a doubt that you can actually do a proper penetration test. IACRB CPT and CEPT certs require a full practical examination in order to become certified.
http://www.iacertification.org
------------------------------------------------------------------------





