Cisco VoIP Phones – A Hackers Perspective

Corelan Team (chap0) July 27, 2010
This article has 7,218 views

ciscophones Introduction

In the world of VoIP phones, each person may look at them differently. For some, an annoyance that sit on their desk, or maybe for some it is simply a part of their job either deploying them or as a help desk position taking phone calls all day. This could even go as far as some people that just use them on a daily basis at home or in a lobby. But what about in a professional Penetration Tester’s mind? What kind of simple yet sensitive information are we leaving out in the open for malicious users?

VoIP security is important to understand what vulnerabilities we may be leaving out in the open just waiting for malicious people to crawl our network by gaining information from these VoIP phones. Here presented a document about Cisco VoIP Phones and what an attacker may be looking for, what information they may gain by using these VoIP phones as their target, and ending this document with an example case study utilizing UCSniff on a VoIP network capturing VoIP conversations!

Contents

  • Intro
  • VoIP Phones – What they advertise
  • Is this line secure?
  • Conclusion
  • References

Download

You can download the paper here :

  Cisco Voip - A Hackers Perspective (698.9 KiB, 1,640 hits)



Similar/Related posts:

Default ThumbnailFree Tool – Cisco Ironport C350 Safelist / Blocklist merge utility Default ThumbnailCisco switch IOS cheat sheet Default ThumbnailJuniper ScreenOS : defeating iBGP full mesh requirement using route reflectors and confederations Default ThumbnailScript to backup Cisco switches via telnet / tftp

Tags:

© Corelan Consulting BV. All rights reserved. ​The contents of this page may not be reproduced, redistributed, or republished, in whole or in part, for commercial or non-commercial purposes without prior written permission. See the Terms of Use and Privacy Policy for details.

3 thoughts on “Cisco VoIP Phones – A Hackers Perspective”

Comments are closed.