1. InfoSec & VoIP
Laboratorio de conmutación
Jesús Pérez Rubio
jesus.perez@quobis.com
@jesusprubio
25/09/2012
http://www.quobis.com
2. Contents
- VoIP fraud examples
- VoIP threats "in the wild"
- VoIP & DoS (flood)
- Demo: Metasploit SIPflood module
- Countermeasurements
- Exercise notes
5. VoIP threats "in the wild"
- NO eavesdropping, password cracking, etc. (this time)
-> Encryption
- Extension/password brute-force
- INVITE attack
- Default web panel passwords
- DoS/DDoS flood
22. Exercise notes
-Option 3: you will configure Kamailio for Drake Island. This island has been a
pirate refuge for centuries. This tradition survives and nowadays this island has the
world highest cracker rate per km2. Last year we used SIPvicious toolkit to test the
security of our Kamailio server. Though simple, it’s quite powerful, hacker community
skills improve day after day so you must use more powerful tools. That’s the reason
why this year will use the Metasploit modules implemented by our colleague jesus.
perez@quobis.com to simulate DoS, DDoS and extension brute-force attacks. Your
challenge in the practice option will be implement as many attacks and security
methods as you can. The security of this operator is in your hands. The international
prefix assigned for Drake Island is: 001788[6-7]
- References
- Any usefull (not exposed) generic attack/countermeasurement
accepted
- Metasploit SIP scan module (options.rb) bug -> SIPVicious accepted
DEFENSE!! 1 attack vector -> 1 defense mechanism