VoIP security: audit of a blackbox environment

By Nicolas Bareil.

In Proceedings of JSSI du CELAR, pages 89-106, October 2006.

Abstract

We present a blackbox audit of a Cisco VoIP network where we targeted the end-point devices and the protocols involved (SCCP, CDP, TCP/IP stack).

This reports show our methodology, tools implemented for the audit, protocols reverse engineering, binary analysis and finally, some abnormal behaviors encountered.

Material

Slides (PDF, in french)

References

@inproceedings{Bareil:jssicelar2006,
        Author = {Nicolas Bareil},
        Booktitle = {{Les Journ{\'e}es S{\'e}curit{\'e} des Syst{\`e}mes d'information du CELAR}},
        Pages = {89--106},
        Publisher = {{Centre {\'E}lectronique de L'Armement (CELAR)}},
        Title = {{S{\'e}curit{\'e} des syst{\`e}mes VoIP : exemple d'un test blackbox}},
        Url = {http://www.rennes.supelec.fr/JSSI/},
        Year = {2006}}

Date: 2010-07-08 13:59:04 CEST