Nytro Posted November 21, 2011 Report Posted November 21, 2011 Enumerating and Breaking VoIPIntroductionVoice over Internet Protocol (VoIP) has seen rapid implementation over the past few years. Most of the organizations which have implemented VoIP are either unaware or ignore the security issues with VoIP and its implementation. Like every other network, a VoIP network is also susceptible to abuse. In this article, I would discuss about various enumeration techniques followed by demonstration of few VoIP attacks. I deliberately will not go to protocol level details as this article is aimed at Penetration Testers who want to get a taste of the basics first, though it is strongly encouraged to understand the protocols used in VoIP networks.Possible attacks against VoIPDenial of Service (DoS) attacks Registration Manipulation and Hijacking Authentication attacks Caller ID spoofing Man-in-the-middle attacks VLAN Hopping Passive and Active Eavesdropping Spamming over Internet Telephony (SPIT) VoIP phishing (Vishing)Download:http://www.exploit-db.com/download_pdf/18136 Quote
