Advertisement
Home
Sunday, 23 November 2008
  
 
Last week attacks
O.S.  Defs.  %
Linux  8778  71.58%
Win 2003  1950  15.90%
Win 2000  722  5.89%
Solaris 9/10  402  3.28%
FreeBSD  226  1.84%
Other  185  1.51%

Total attacks: 12263 of which 4619 single ip and 7644 mass defacements

Polls
Should Zone-H continue mirroring defacements? (floods will be purged)
 
Main Menu
Home
Digital Warfare
Geopolitics
ITsec News
ITsec Advisories
Test Drive
360°
Digital Attacks Archive
Zone-H events
Publications
Zone-H Friends/Partners
Contact Us
Search
Download Area
Zone-H forum
About this website
Login Form





Lost Password?
No account yet? Register
ZONE-H In Numbers
 News: 14559
 Advisories: 11
 Managers: 1
 Administrators: 1
 Super Administrators: 3
 Operators: 3
 Registered Users: 38293
 Downloadable Files: 3888
 Digital Attacks: 2981160
 Attacks On Hold: 3205
 Online Users: 121
Syndicate
Visitors' Map
Highlight on most recent attacks
jiefanglu.gov.cn/zkn.txt by ZoRRoKiN       ytjj.gov.cn/zkn.txt by ZoRRoKiN       bislig.gov.ph by Ashiyane Digital Security Team       prefeiturajoseraydan.com.br by Fatal Error       semag.taquarussu.ms.gov.br by Fatal Error       pmsaltodolontra.com.br by Fatal Error       cmirituia.com.br by Fatal Error       pmriobrancodoivai.com.br by Fatal Error       prefeituraborrazopolis.com.br by Fatal Error       pmcurionopolis.com.br by Fatal Error       
Latest advisories
Latest on Digital Warfare
Latest on Geopolitics
SIP phone users - beware PDF Print E-mail
User Rating: / 9
PoorBest 
Written by Jakub Maslowski   
Saturday, 01 September 2007

phoneIf you follow news related to IT security then you already know that using VoIP services, that use SIP isn't the safest way to guarantee communication for your home or company. Session Initiation Protocol (SIP) devices can be vulnerable to eavesdropping. That's a fact.

There are tons of hardware and software using SIP, and many of our and your internet providers are also using it. Let me explain how potentially harmful and dangerous this can be for us, the end-users.


Eavesdropping for adversarial purposes is the less danger, and possibility that this will happen, is low. More possible is, that these vulnerabilities will be used in espionage in industry, since these devices are well used in companies.

 

 

Another view is, that intelligence and investigation agencies (like FBI) will use them to wiretap communication. Moreover, full-disclosure list brought in last days more interesting links and informations concerning SIP phones.

Sûnnet Beskerming (Australian IT firm) published comment about implications:


"The research that was published indicates that, for at least one vendor, it is possible to automatically call a SIP device from that vendor and have it silently accept the call, even if it is still on the hook - instantly turning it into a classic bugged phone. Whereas historic telephony bugs needed physical targeting of the line running to a property or place of business, the presence of VoIP in the equation allows bugging from anywhere in the world with equal ability. Now anyone can do from their armchair what only spies and law enforcement used to be able to do from inside the telephone switch / pit / distribution board, though it's still illegal to do so."

It seems that SIP phones and devices are in heavy fire of many security researchers. Exploit for one vendor's SIP has been posted on the net while ago. Cisco SIP devices are vulnerable again DoS attacks. And more will for sure follow.

 

 


Comments Index (Total Messages: 1)
MyToGo For Skype Written by Guest on 2007-09-03 12:24:00

Powered by a Zone-H(ified) version of AkoComment 3.0!


DISCLAIMER: Forum postings are the opinion of the posting author alone, and should not be taken as the opinion of Zone-h. The   author is entirely and solely responsible for all content that he/she uploads, posts, or otherwise transmits via the website. Zone-h is not responsible for such content. However, Zone-h shall have the right, but not the obligation, to delete, move, or edit any content that violates this agreement or is otherwise objectionable as determined by Zone-h in its sole discretion and without notice.
 
< Prev   Next >
[ Back ]
Advertisement
 
Top!
© 2008 Zone-H.org - Unrestricted Information
Joomla! is Free Software released under the GNU/GPL License.
 Top!