Threat level definition
Search:
Home
Bugtraq
Vulnerabilities
Mailing Lists
Jobs
Tools
Vista
News
Infocus
Foundations
Microsoft
Unix
IDS
Incidents
Virus
Pen-Test
Firewalls
Columnists
Mailing Lists
Newsletters
Bugtraq
Focus on IDS
Focus on Linux
Focus on Microsoft
Forensics
Pen-test
Security Basics
Vuln Dev
Vulnerabilities
Jobs
Job Opportunities
Resumes
Job Seekers
Employers
Tools
RSS
News
Vulns
Security Research
Penetration Testing
Back to list
|
Post reply
VoIP Attacks
Jul 18 2008 09:49PM
contebral web de
(1 replies)
RE: VoIP Attacks
Jul 22 2008 01:31PM
Sergio Castro (sergio castro unicin net)
(1 replies)
Re: VoIP Attacks
Jul 25 2008 08:21PM
infolookup gmail com
Try looking into Voip-Hopper I saw a nice video presentation of this from the Shmoocon 2008 security conference.
Sent from my Verizon Wireless BlackBerry
-----Original Message-----
From: "Sergio Castro" <sergio.castro (at) unicin (dot) net [email concealed]>
Date: Tue, 22 Jul 2008 08:31:59
To: <contebral (at) web (dot) de [email concealed]>; <pen-test (at) securityfocus (dot) com [email concealed]>
Subject: RE: VoIP Attacks
Well, you can do ARP poisoning to launch a MITM attack, and intercept VoIP
calls, including DTMF tones. Then you can use a tone decoder to get the
confidential banking numbers that where keyed into the IVR.
Try using Cain for the VoIP intercept, and ToneDecoder for tone decoding.
- Sergio
-----Mensaje original-----
De: listbounce (at) securityfocus (dot) com [email concealed] [mailto:listbounce (at) securityfocus (dot) com [email concealed]] En
nombre de contebral (at) web (dot) de [email concealed]
Enviado el: Viernes, 18 de Julio de 2008 04:49 p.m.
Para: pen-test (at) securityfocus (dot) com [email concealed]
Asunto: VoIP Attacks
Hello Folks,
Classical Attacks vectors against VoIP like SPIT (VOIP SPAM) and VoIP
Phishing are well known and documented. i'm curious if there exists other
client side attacks against voip that may compromise confidential calls
e.g. Telephon Banking or similar applications.
THX
_____________________________________________________________________
Der WEB.DE SmartSurfer hilft bis zu 70% Ihrer Onlinekosten zu sparen!
http://smartsurfer.web.de/?mc=100071&distributionid=000000000066
------------------------------------------------------------------------
This list is sponsored by: Cenzic
Top 5 Common Mistakes in
Securing Web Applications
Get 45 Min Video and PPT Slides
www.cenzic.com/landing/securityfocus/hackinar
------------------------------------------------------------------------
__________ NOD32 3283 (20080721) Information __________
This message was checked by NOD32 antivirus system.
http://www.eset.com
------------------------------------------------------------------------
This list is sponsored by: Cenzic
Top 5 Common Mistakes in
Securing Web Applications
Get 45 Min Video and PPT Slides
www.cenzic.com/landing/securityfocus/hackinar
------------------------------------------------------------------------
[ reply ]
Privacy Statement
Copyright 2008, SecurityFocus
Sent from my Verizon Wireless BlackBerry
-----Original Message-----
From: "Sergio Castro" <sergio.castro (at) unicin (dot) net [email concealed]>
Date: Tue, 22 Jul 2008 08:31:59
To: <contebral (at) web (dot) de [email concealed]>; <pen-test (at) securityfocus (dot) com [email concealed]>
Subject: RE: VoIP Attacks
Well, you can do ARP poisoning to launch a MITM attack, and intercept VoIP
calls, including DTMF tones. Then you can use a tone decoder to get the
confidential banking numbers that where keyed into the IVR.
Try using Cain for the VoIP intercept, and ToneDecoder for tone decoding.
- Sergio
-----Mensaje original-----
De: listbounce (at) securityfocus (dot) com [email concealed] [mailto:listbounce (at) securityfocus (dot) com [email concealed]] En
nombre de contebral (at) web (dot) de [email concealed]
Enviado el: Viernes, 18 de Julio de 2008 04:49 p.m.
Para: pen-test (at) securityfocus (dot) com [email concealed]
Asunto: VoIP Attacks
Hello Folks,
Classical Attacks vectors against VoIP like SPIT (VOIP SPAM) and VoIP
Phishing are well known and documented. i'm curious if there exists other
client side attacks against voip that may compromise confidential calls
e.g. Telephon Banking or similar applications.
THX
_____________________________________________________________________
Der WEB.DE SmartSurfer hilft bis zu 70% Ihrer Onlinekosten zu sparen!
http://smartsurfer.web.de/?mc=100071&distributionid=000000000066
------------------------------------------------------------------------
This list is sponsored by: Cenzic
Top 5 Common Mistakes in
Securing Web Applications
Get 45 Min Video and PPT Slides
www.cenzic.com/landing/securityfocus/hackinar
------------------------------------------------------------------------
__________ NOD32 3283 (20080721) Information __________
This message was checked by NOD32 antivirus system.
http://www.eset.com
------------------------------------------------------------------------
This list is sponsored by: Cenzic
Top 5 Common Mistakes in
Securing Web Applications
Get 45 Min Video and PPT Slides
www.cenzic.com/landing/securityfocus/hackinar
------------------------------------------------------------------------
[ reply ]