Re: VoIP Pen test

On 23 Jan 2008 18:19:01 -0000, <sisram2@xxxxxxxxx> wrote:
Hi Guys,


As mentioned earlier I have come across couple of Cisco routers having only ports 1720 and 5060 OPEN for VoIP service. I have attempted Sivus, SIPscan and Protos Fuzzer but invain.



Did you try port scanning on the TFTP UDP port? Check that
out....there's also a tool called TFTPBruteForcer (in perl) that could
be helpful. Also, sniff on the VLAN (if you can) hosting the VoIP
infrastructure you could get SNMP strings that could give you more
information. Attempt ARP spoofing between 2 systems if you can so you
don't cause a massive DoS and you could potentially steal
conversations with Cain (http://www.oxid.it).

Hope it helps,
Rajat.
--
Rajat Swarup

http://rajatswarup.blogspot.com/

------------------------------------------------------------------------
This list is sponsored by: Cenzic

Need to secure your web apps NOW?
Cenzic finds more, "real" vulnerabilities fast.
Click to try it, buy it or download a solution FREE today!

http://www.cenzic.com/downloads
------------------------------------------------------------------------

Relevant Pages

  • Re: Keeping a BT number
    ... Someone from BT has already explained to me that I can't keep the number as a callsign number, and I know that I can't port it over to a voip service (which would be the preferable option, but I don't live anywhere near london). ... BT have a service called Caller Redirect - it announces a new number. ...
    (uk.telecom)
  • Re: iChat video/audio problems
    ... port for their own VOIP service. ... If they block that port then how are they using it for their own service??? ... wouldn't be able to connect to the test server either. ... and it turned out to be a defect in the adsl modem. ...
    (comp.sys.mac.system)
  • VoIP Pen test
    ... As mentioned earlier I have come across couple of Cisco routers having only ports 1720 and 5060 OPEN for VoIP service. ... I have attempted Sivus, SIPscan and Protos Fuzzer but invain. ...
    (Pen-Test)