Exploiting Voice over IP Networks - Hacking Exposed VoIP

More documents

Recommendations

Info

Agenda• We take a phased approach in presenting the material:— PART I: Casing the Establishment• Chapter 1: Footprinting• Chapter 2: Scanning• Chapter 3: Enumeration— PART II: Exploiting the VoIP Network• Chapter 4: VoIP Network Infrastructure Denial of Service• Chapter 5: Network Eavesdropping• Chapter 6: Network and Application Interception— PART III: VoIP Session and Application Hacking• Chapter 11: Fuzzing VoIP• Chapter 12: Disruption of Service• Chapter 13: VoIP Signaling and Media Manipulation— PART IV: Social Threats• Chapter 14: SPAMMING/SPIT• Chapter 15: VoIP Phishing
PART I Casing the Establishment• Part I. “Casing the Establishment” - The first part is introductory and describes how an attackerwould first scan the whole network and then pick up specific targets and enumerate them with greatprecision in order to proceed with further advanced attacks through or from the hacked VoIPdevices.— “Footprinting”• We begin the book by describing how a hacker first profiles the target organization byperforming passive reconnaissance using tools such as Google, DNS, and WHOISrecords, as well as the target’s own website.— “Scanning”• A logical continuation of the previous chapter, this chapter provides a review of variousremote scanning techniques in order to identify potentially active VoIP devices on thenetwork. We cover the traditional UDP, TCP, SNMP, and ICMP scanning techniquesas applied to VoIP devices.— “Enumeration”• Here, we show active methods of enumeration of various standalone VoIP devices,from softphones, hard phones, proxies, and other general SIP-enabled devices. Plentyof examples are provided, along with a demonstration of SIPScan, a SIP directoryscanning tool we wrote.
Page 1 and 2: Exploiting Voice over IP NetworksMa
Page 3: Shameless plug alert: We just wrote
Page 7 and 8: PART III VoIP Session and Applicati
Page 9 and 10: VoIP Security Pyramid• VoIP secur
Page 11 and 12: IntroductionCampus VoIPPublicVoiceN
Page 13: Agenda• PART I: Casing the Establ
Page 17 and 18: Footprinting• Google the target
Page 19 and 20: Google Hacking• Most VoIP devices
Page 21 and 22: More Google Hacking• inurl:"Netwo
Page 23 and 24: Google Hacking CountermeasuresGathe
Page 25 and 26: Scanning IntroductionGathering Info
Page 27 and 28: Host/Device DiscoveryUsing nmapGath
Page 29 and 30: Port Scanning/Service DiscoveryCoun
Page 31 and 32: Enumeration• Will focus on four m
Page 33 and 34: Enumeration• SIP responses (RFC 3
Page 35 and 36: Enumeration• Use the tool netcat
Page 37 and 38: Enumeration• SIP extensions are u
Page 39 and 40: Directory Scanning• Let’s autom
Page 41 and 42: Directory Scanning on Cisco SIP•
Page 43 and 44: TFTP Enumeration• Go to http://ww
Page 45 and 46: SNMP Enumeration• SNMP is enabled
Page 47 and 48: SNMP Enumeration[root@domain2 ~]# s
Page 49 and 50: Agenda• PART I: Casing the Establ
Page 51 and 52: Attacking The NetworkGaining Access
Page 53 and 54: Attacking The NetworkGaining Access
Page 55 and 56:
Flooding AttacksIntroductionAttacki
Page 57 and 58:
Flooding AttacksCall QualityAttacki
Page 59 and 60:
Flooding AttacksCountermeasuresAtta
Page 61 and 62:
Network Availability AttacksCounter
Page 63 and 64:
Supporting Infrastructure AttacksCo
Page 65 and 66:
Network InterceptionARP PoisoningAt
Page 67 and 68:
Network InterceptionARP PoisoningAt
Page 69 and 70:
Network EavesdroppingIntroductionAt
Page 71 and 72:
Conversation RecordingWiresharkAtta
Page 73 and 74:
Conversation RecordingCain And Abel
Page 75 and 76:
Network EavesdroppingCountermeasure
Page 77 and 78:
Application InterceptionIntroductio
Page 79 and 80:
Application InterceptionCountermeas
Page 81 and 82:
Fuzzing• Fuzzing has already led
Page 83 and 84:
FuzzingINVITE sip:6713@192.168.26.1
Page 85 and 86:
Disruption of ServiceUDP, RTP, TCP
Page 87 and 88:
INVITE Flood
Page 89 and 90:
Signaling Manipulation
Page 91 and 92:
Erase Registrations
Page 93 and 94:
Signaling ManipulationProxyProxyHij
Page 95 and 96:
SPIT
Page 97 and 98:
SPIT• Popularity Dialer (http://w
Page 99 and 100:
VoIP Security Trends• This year a
Page 101 and 102:
Agenda• PART I: Casing the Establ
Page 103 and 104:
Example of Data Threats affecting V
Page 105 and 106:
VoIP Security Trends• This year a
Page 107 and 108:
VOIPSA Update
Page 109:
Thank you!Dendler@tippingpoint.comM
show all

Exploiting Voice over IP Networks - Hacking Exposed VoIP

You also want an ePaper? Increase the reach of your titles

Delete template?

Save as template?