Re: VoIP security

From: Pbt (info16_at_unsigned.ath.cx)
Date: 04/21/05

  • Next message: Jonathan Loh: "RE: Hacked (...still cleaning)"
    To: Seth Art <sethart@gmail.com>
    Date: Thu, 21 Apr 2005 09:44:50 +0200
    
    
    

    It depends... What kind of protocol is used in her case ?
    But sincerely, SRT(C)P is/are not often seen and if it's a SIP phone, it
    may use SIP & RTP only... So, using a sniffer, sox, vomit or smth else
    would be sufficient to decode packets and get her credit card
    information.

            Pierre

    Le mercredi 20 avril 2005 à 09:52 -0400, Seth Art a écrit :
    > My coworker had an interesting question. She had to validate her
    > credit card number over the phone using her social and other sensitive
    > information. She has a VoIP router from her ISP. The question: Are
    > the VoIP packets encrypted as they go across the wire? Or can
    > someone sniffing in the right place capture all of that sensitive VoIP
    > traffic and reassemble her CC# and SS# from the tones? Is this
    > somethign that might be an issue in the future or is there already an
    > answer out there?
    >
    > -Seth

    -- 
    Pbt
    
    



  • Next message: Jonathan Loh: "RE: Hacked (...still cleaning)"