- Friday, 9 January 2009
- INQ Mobile
- RSS Feed
Do you slow down when you see a crash on the Superinformation Highway?
Voice over IP hacking is easy
AN insecurity expert has worked out a way to hack into Voice over IP calls.
UK-based VoIP expert, Peter Cox has released proof-of-concept software that can eavesdrop on the VoIP-based phone calls.
Called SIPtap, the software snuffles around several VoIP call streams, earwigs in on them and records them as .wav files for later distribution.
All it takes is one trojan installed in the company's network and it is good night Vienna for your VoIP network.
Cox claims that the hack would work at ISP level too.
Cox said that he was inspired to write the software after chatting to encryption guru Phil Zimmermann, creator of Zfone. Zimmerman was the bloke who designed a system to protect against SIPtap-like hacking by using VoIP call encryption.
Cox's system would not help Inspector Knacker of the German Yard with its Skype woes . Although it might be possible for them to tap the phone, they would not be able to deal with the encryption.
In fact the only way around Cox's hack is to install some reasonable encryption tools.
More here. µ
Share this:
Business Intelligence Software
Customer Relationship Management (CRM)
Enterprise Accounting Software
Enterprise Resource Planning (ERP)
Enterprise Systems Management
Is this serious ? Wireshark, Cain and Abel, and another half dozen tools have been able to save VoIP calls (actually RTP streams) as .wav files for years. Tapping unencrypted VoIP calls is indeed very easy, almost as easy as getting free advertisement from gullible journalists.
"Worked out a way", I love it :) There are PLENTY of voip hacking tools in the Internet! There is nothing NEW about it! Sheesh.