Tags › sip security
RTP Traffic to 1.1.1.1
Published on Feb 3, 2010 in sip security, voip security
I was reading RIPE Labs’ very interesting post called Pollution in 1/8. The article talks about traffic being sent to the 1/8 address space, which has recently been temporarily allocated. One part of the article caught my eye: “We found that almost 60% of the UDP packets are sent towards the IP address 1.1.1.1 on port 15206 which makes up the largest amount of packets seen by our RRC. Most of these packets start their data section with 0x80, continue with seemingly random data and are padded to 172 bytes with an (again seemingly random) 2 byte value.…
Read more »Getting phonecalls during the middle of the night on your Asterisk server?
Published on Dec 10, 2009 in asterisk, sip security
You’re not alone. People with malicious intentions are scanning for open SIP servers all the time. Aster1sk from Geekhut.org posted a useful video for those of you using a badly configured FreePBX + Asterisk. I’m sure this will be useful for someone..…
Read more »VoIP security workshop at BruCON 2009
Published on Sep 17, 2009 in conferences, sip security, trainings
I’m back in my little island after SEC-T (which had excellent content btw!) but already need to leave again. This time to Brussels for BruCON, and together with Joffrey Czarny, I’ll be hosting a workshop solely dedicated to VoIP security auditing. Joffrey will be focusing on Cisco and other vendors and I’m really looking forward to that! I, on the other hand, will be talking more about freely available software such as Asterisk, Trixbox and X-lite.…
Read more »SEC-T in Sweden and SIPVicious update in svn
Published on Sep 7, 2009 in sipvicious oss, security tools, sip security
Its been a while since I updated SIPVicious, mostly because I have been working on SIPVicious 2.0 (being used in VOIPSCANNER.com). However I decided to add a few new options for svmap and svreport to help me with the research for this new presentation I’ll be giving on Friday at SEC-T in Stockholm, Sweden. The presentation is called “Searching for phones on the Internet” and subtitled “Adventures with SIPVicious”. Will be posting more details on the presentation later on, but lets describe the new features in svmap.…
Read more »VoIPScanner, SIP Digest Leak tutorial and more!
Published on Apr 1, 2009 in sip security, security tools
Check out the tutorial. This security flaw has been getting a bit of attention so I thought of preparing a tutorial on how to use VOIPPACK to demo it. There’s the video that I posted earlier on which shows the attack in action. In the tutorial I explain how to do this step by step on a softphone and a hardphone as well. SIP Digest Leak from Sandro Gauci on Vimeo.…
Read more »How to set up a VoIP lab
Published on Mar 24, 2009 in voip security, sip security
Just published a tutorial called “How to set up a VoIP lab” which provides easy step-by-step instructions on how to get a VoIP lab up and running. Abstract: Have you been wondering about what sort of security vulnerabilities apply to the VoIP network that’s coming up in your next assignment but have no equipment to test on yet? Truth is that most of the times there is no need for a lot of expensive hardware to setup a basic lab for testing VoIP security.…
Read more »Late March updates
Published on Mar 17, 2009 in sip security, sipvicious oss, security tools
It’s about time that we look at SIPVicious again. If you’re making use of the SVN version, please update to the latest svn commit which includes some fixes for bugs that were creating unnecessary traffic. I’m currently planning on a major update of SIPVicious - email me with your suggestions and VoIP needs please ;-) Cleaner and extensible code guaranteed. VOIPPACK gets to target IP Phones this month, with 2 major new modules that highlight what can be done to both hardphones and softphones: Ghostcall and “SIP Digest Leak”.…
Read more »VOIPPACK released
Published on Jan 6, 2009 in sip security
Yep its out! Check out the announcement on EnableSecurity. For more information about VOIPPACK refer to the products page. This video is a demo of sipautohack in action (looks and sounds better than the previous): Demonstrating sipautohack from Sandro Gauci on Vimeo.…
Read more »SIPVicious version 0.2.3 with fingerprinting and dns goodies
Published on Jun 3, 2008 in sipvicious oss, security tools, sip security
Just posted a new version of SIPVicious v0.2.3. This includes some new features as well as bug fixes. However be warned - bugs have been invariably introduced in the course of adding these new features, so please help me test it out ;-) Here’s the link you’ve been looking for. From the Changelog: v0.2.3 Feature: Fingerprinting support for svmap. Included fphelper.py and 3 databases used for fingerprinting. Feature: Added svlearnfp.py which allows one to add new signatures to db and send them to the author.…
Read more »Defcon 15 videos - VoIP related talks
Published on May 2, 2008 in conferences, fuzzing, sip security
Just in case anyone missed Defcon 15 (like I did), here’s two talks of interest with relation to VoIP: T210: INTERSTATE: A Stateful Protocol Fuzzer for SIP by Ian G. Harris T442: Real-time Steganography with RTP by |)ruid For the rest of the videos check out this list. Thanks for Anthony of Iron::Guard for the pointer.…
Read more »