nCircle.com >> 360 Security

« cansecwest/core06 "An hour of Rap and Comedy about SAP" | Main | SCADAGard SIG To Be Established »

cansecwest/core06 "Carrier VoIP Security"

cansecwest/core06
Nico Fischbach – COLT
Carrier VoIP Security

Good presentation about the mess that is old world TDM voice meets new world VoIP and everything in between.
http://cansecwest.com/slides06/csw06-fischbach.ppt

The talk covered all of the protocols at an overview level so that you could understand how everything worked together and where the interdependencies are at the system level.

Most of these systems are running realtime OS’s like QNX/Neutrino, VxWorks, RTLinux. Others are running Windows, Linux and sometimes Solaris. Same damn story:
#1 OS’s not up to date
#2 Not allowed to patch them because it will break something

Tools: vomit, YLTI, VOIPONG, scapy (VoIPoWLAN): effective tools for intercept and replay.

He spoke of a funny story where a good number of switches that had been previously rooted were super stable due to the fact that the talents of the attacker far exceeded that of the system administrator.

In the end, the complexity of these protocols are so high that it is a target rich environment and most transit safeguards (firewalls) are not effective at the carrier level.

--tk

Posted on April 6, 2006 12:12 AM |

Search


About

This page contains a single entry from the blog posted on April 6, 2006 12:12 AM.

The previous post in this blog was cansecwest/core06 "An hour of Rap and Comedy about SAP".

The next post in this blog is SCADAGard SIG To Be Established.

Many more can be found on the main index page or by looking through the archives.

Subscribe to this blog's feed
[What is this?]