By Adam Stone
October 6, 2008
Can someone eavesdrop on your enterprise VoIP calls? Almost certainly.
It hasn't been talked about much in the press, but the simple fact is
that these networks are vulnerable to snooping.
Jason Ostrom is ready to prove it.
As director of Sipera Systems' VIPER (Voice over IP Exploitation
Research) Lab, Ostrom has been busy devising ways to sniff out VoIP
vulnerabilities. He's just released VIPER's latest offering, UCSniff, a
free tool capable of listening in on calls within an enterprise. Lots of
UCSniff has two modes. First it can 'learn,' discovering all phones and
extensions on a network and mapping their addresses. Within learning
mode the program also can launch a 'directory module,' sucking out
contact data from a user's directory and adding that information to its
Having learned its way around the system, UCSniff can then 'target'
users for eavesdropping, picking out individual phones by extension in
order to zero in on calls made by a particular caller.
It gets better. Rather than just hearing one side of a conversation,
UCSniff is bi-directional. Using G.711 and G.722 codecs, the program can
automatically listen in on and record both sides of a conversation. This
has ramifications. Suppose the VP of Sales is chatting about strategy
with the CEO. What's it worth to the competition to know what is being
said? If UCSniff can hear it, that's pretty solid evidence that the bad
guys can too.