logo

  •   Submit to to del.icio.us   Submit to to digg   submit to to reddit   submit to to StumbleUpon   submit to to Google   Submit to to Yahoo!

Category: news | Posted by Avatar Staff 322 days ago
Via: http://lists.jammed.com | Tags: isn hacking lobby telephone comments Discuss  


http://www.news.com/8301-10789_3-9873864-57.html



By Robert Vamosi

Defense in Depth

February 17, 2008



WASHINGTON -- Two security researchers at ShmooCon demonstrated on

Saturday how a laptop connected to a VoIP telephone could, in some

cases, expose a business' internal network to outsiders.



John Kindervag, senior security architect for Vigilar, said that public

waiting areas in hospitals, conference rooms, and hotel rooms are

particularly vulnerable to this attack since often there is no IT staff

around. Appearing on stage at the East Coast computer hacker conference

with Kindervag was Jason Ostrom, manager of Vigilar's Vulnerability

Assessment and Compliance Practice team, who used the ShmooCon

conference to show off his latest version of VoIP Hopper, a tool he uses

for penetration testing of companies that are running voice over IP

phone systems.



Kindervag said that VoIP was gaining acceptance with large companies and

organizations for many reasons: there are no toll calls over the

Internet; there's less cabling involved; employees can move offices

without having to rewire or change switching operations for their

phones; and finally, voice mail notices can appear in one's Outlook

inbox. "This is very popular among CIOs," Kindervag said.



But Ostrom's tool allows one to hook up a laptop computer to a public

VoIP phone and connect to the company's or organization's internal

network with full administrator access. VoIP Hopper can be used to

intercept Cisco Discovery Protocol (CDP), which announces the device

type and the SNMP agent address of neighboring devices, and

automatically create a new ethernet device. This could allow someone to

map or otherwise do damage to a company's network from a public waiting

area. The tool also allows one to physically remove the phone and have a

laptop spoof the phone's MAC address, so the network is unaware that a

laptop has replaced the expected phone.



To prevent such attacks, the researchers recommend turning off CDP. They

also recommend disabling port 2 on any public VoIP phone, and include

the public phone within a firewall.





___________________________________________________

Subscribe to InfoSec News

http://www.infosecnews.org/mailman/listinfo/isn





addto Add this link to... report Bury 


Comments Who Voted Related Links
Copyright 2005-2008 Best of Security