Please create an account to participate in the Slashdot moderation system

 



Forgot your password?
typodupeerror
Check out the new SourceForge HTML5 internet speed test! No Flash necessary and runs on all devices. ×
Security Bug Technology

Researchers Find Method To Own VoIP Phones, Silently Listen To Any Call 36

Trailrunner7 writes: Researchers have uncovered a simple method for compromising some common VoIP phones, enabling them to listen to victims' calls covertly or use the phones to make expensive or fraudulent calls. The attack takes advantage of the fact that the affected phones don't have any authentication set up by default, but do have a vulnerability that is open to remote exploitation. A victim who has one of the vulnerable phones connected to a network and uses a PC on that network to visit a malicious site can be open to the attack. Paul Moore, a security consultant in the U.K., detailed the problem and demonstrated an attack on a Snom 320, a popular VOIP phone.
This discussion has been archived. No new comments can be posted.

Researchers Find Method To Own VoIP Phones, Silently Listen To Any Call

Comments Filter:
  • Using VOIP hardware has risks and then conducting sensitive commercial or political discussions may not always be wise.
    Use VOIP to talk about any product, service or policy thats out in public.
    Keep sensitive discussions face to face. It might take a few hours or a 5 day round trip but it will be a bit more secure.
    • by ls671 ( 1122017 )

      Nothing specific to voip here. The attack exploits a network attached device (IoT?) that runs a web server accessible without any form of authentication. It is just a variant of other IoT device attacks; web camera, temperature controller etc.

      Shut the damned web server off on the device or at least choose a user name and password to allow access to it...

  • "A victim who has one of the vulnerable phones connected to a network and uses a PC on that network to visit a malicious site can be open to the attack."

    What desktop Operating System does this exploit run on?
    • Well I think the question is, what phones are included in the list of "vulnerable phones"?

      They only mention on model, the "Snom 320". So is this a problem with a particular model of phones, a particular design, or a particular protocol? Is it a widespread problem?

      • by amorsen ( 7485 )

        The problem is pretty much inherent to all web-manageable VoIP phones. Which is all of them.

        If they have any web-based vulnerabilities, an attacker can use any browser on the same network to exploit those vulnerabilities.

    • Doesn't really matter; if you can sniff any traffic you can usually get the SIP authentication credentials. You can use SIPS instead, but it has issues. You can also use encryption just for the session management and keep the audio unencrypted, which will prevent spoofing credentials but not eavesdropping.

      Once you have the information it is just a challenge of proxying the information out.

    • Narrator: A major one.

  • so....don't use VoIP for anything.
    • by aaarrrgggh ( 9205 ) on Thursday February 18, 2016 @07:50PM (#51538755)

      Pretty much. We looked at the cost and challenges for encrypting SIP communications on our local LAN, and it just wasn't worth the hassle. We will segregate the phones onto a separate VLAN, but the value is limited; SIP deployments really aren't focused on security yet.

      We control the financial aspect by carrier-enforced rules which prevent toll calls. Much more effective. (We do have a way to make calling card calls through our Asterisk system that is sufficiently locked down and only has $100 or so at risk.)

      • by kiss7 ( 1501315 )
        What about SRTP and ZRTP? No segregation is needed for these to work (Will work also over the internet automatically using these encryption methods between supported endpoints). Also there are solution for companies which can handle encryption transparently such as the mizutech voip tunnel.
      • Pretty much. We looked at the cost and challenges for encrypting SIP communications on our local LAN, and it just wasn't worth the hassle. We will segregate the phones onto a separate VLAN, but the value is limited; SIP deployments really aren't focused on security yet.

        We control the financial aspect by carrier-enforced rules which prevent toll calls. Much more effective. (We do have a way to make calling card calls through our Asterisk system that is sufficiently locked down and only has $100 or so at risk.)

        What system are you using that doesn't inherently support SIP authentication?
        http://www.voip-info.org/wiki/... [voip-info.org]

        The biggest risk for most implementations is toll theft so while encryption may not be necessary you should still be able to authenticate call setup and control.

  • Hilarious: the web page says "Thank you for choosing Snom! German engineered!"

    I'm pretty sure that VW proved that "German Engineering" didn't mean much.
    • There WERE other brands of voip phones, but Snom has ethnically cleansed them all.
    • I'm pretty sure that VW proved that "German Engineering" didn't mean much.

      In der auto, it means that it will be awesome for a decade or so tops and then take all your money if you don't step away. VW only failed at diesels. Amusingly, Mazda said their diesel could meet US emissions but it would feel like a VW in performance and that wasn't good enough

    • by swb ( 14022 )

      I'd say dynamically recognizing emissions testing and changing the operating parameters to pass testing and then changing back to more power for driving IS pretty sophisticated engineering.

  • If an intruder has physical access to your damn network, you have a LOT more to worry about than VOIP/SIP calls they might be sniffing.

  • This sort of seems like common sense to me... not really sure that this is newsworthy...

    The thing is, a lot of RTP streams are unencrypted anyway and can easily be slurped up by any packet sniffer.... right?

    So, equally newsworthy would be a headline that states that open wifi hotspot maintainers can listen in on your phone calls...

Research is what I'm doing when I don't know what I'm doing. -- Wernher von Braun

Working...