Jason Ostrom, John Kindervag
Colapse all |
Post comment
VoIP Hopping: A Method of Testing VoIP security or Voice VLANs
2007-09-19
Anonymous
Anonymous
Well, it's interesting. This is what we've been doing by hand since 1996, to show that VLAN's aren't the panacea for Security segregation.
I guess now someone has given it a name... we just called it VLAN testing. I guess we should make a tool for other VLAN's, and call it Network Hopping....
[ more ] [ reply ]
I guess now someone has given it a name... we just called it VLAN testing. I guess we should make a tool for other VLAN's, and call it Network Hopping....
[ more ] [ reply ]
VoIP Hopping: A Method of Testing VoIP security or Voice VLANs
2007-09-24
Anonymous
Anonymous
Good summary, really nothing new here though. The vulnerabilities you are describing are more related to a switch port with dynamic trunking. This is far more serious then merely gaining access to the voice VLAN. The VLAN identifier being part of the CDP packet is a matter of convenience....
[ more ] [ reply ]
[ more ] [ reply ]
VoIP Hopping: A Method of Testing VoIP security or Voice VLANs
2007-10-11
Anonymous
Anonymous
There really isn't much here would stop a determined intruder. The vlan info might be able to be found on the phone itself, no sniffing required. Access-lists for voice traffic still leave a wide number of ports open as the protocols have dynamic destinations. These ACL?s should be in place, but it ...
[ more ] [ reply ]
[ more ] [ reply ]
- Enable MAC Address Filtering - This does not improve the security. The IP Phones MAC address can be easily discovered by connecting the IP Phone to the attacker's laptop and sniffing the traffic. Alternatively the MAC address is probably labelled on t...
[ more ] [ reply ]