begood Posted March 12, 2010 Report Posted March 12, 2010 UCSniff 2.0 breaks new ground in open source security assessment tools with the introduction of the industry’s first IP video security assessment features. Like the original UCSniff, UCSniff enables IT managers and security practitioners to test their UC infrastructure for vulnerabilities that can lead to the unauthorized interception and recording of UC traffic, or targeted eavesdropping.Written in C, and initially released for Linux systems, the software is freely available for anyone to download, under the GPLv3 license. * Extends UCSniff’s targeted user eavesdropping functionality to encompass IP video communications, including phone-to-phone video conferencing * Support for SCCP and RFC 3261 SIP * Automatic decode and re-construction of H.264 video codec * Automatically captures and saves video conference, into two separate AVI format video files, so that the security professional can see what both end users of the Video conference see * Reconstructs entire voice conversation into a separate, single WAV file format fileThe existing features of UCSniff have been further tested and improved upon, including several bug fixes * In Learning mode, dynamically updates the IP address of phone in the event that IP address changes after phone reboot or via DHCP * Allows targeting of VoIP users based on corporate directory and/or extensions * Tracking, interception, and logging of signaling messages used for authentication to voice mail systems * Automatically captures and saves entire voice conversations to a single file that can be played back by media players * Support for G.722 and g.711 u-law compression codecs * Automated VLAN Hop and VLAN Discovery support * A VoIP Sniffer combined with a MitM redirection tool * Monitor Mode (like Wireshark) * Sniffs entire conversation even if only one phone is in source VLAN * Enhanced capability to ARP Poison hosts that have Gratuitous ARP Disabled» Download UCSniff 2.0UCSniff IP Video Sniffer Quote
