[Voptalk] Caller ID spoofing using SiVus

Peter Thermos pthermos at vopsecurity.org
Sat May 17 09:58:21 EDT 2008 

Although SiVuS does not support the complete functionality of a UA (i.e.,
SIP phone) with audio/video input/output it does provide the ability to
demonstrate the concept of Caller-ID spoofing when proper security controls
are not in place.
 
The issue with a VoIP implementation allowing for caller ID spoofing is
based on the inability to verify the subscriber's identity properly.
 
You can build a fully functional service spoofing caller-id using a SIP
proxy, Asterisk or another soft-PBX. Furthermore, if you route your call
through a TDM network (PSTN) you  may be able to spoof your number depending
on the type of ANI they use (Flex/Real-time). Typically, caller ID spoofing
now days is easier when you route your traffic through a VoIP provider.
 
Going back to the original question, you can demonstrate that an
implementation is vulnerable to caller-ID spoofing attack (among other
attacks) using the SIP messenger in SiVuS without establishing a complete
session. So the tool provides you an easy way to validate and demonstrate
the basic concept. If you want to establish a call you can configure a SIP
proxy (or even a soft phone depending on the implementation) with the tel.
number you want.
 
You can be very creative as to how you can spoof your caller-id... :-)
 
PT
 
 


  _____  

From: voptalk-bounces at lists.vopsecurity.org
[mailto:voptalk-bounces at lists.vopsecurity.org] On Behalf Of Mouza Al-Nayeli
Sent: Saturday, May 17, 2008 9:27 AM
To: voptalk at lists.vopsecurity.org
Subject: [Voptalk] Caller ID spoofing using SiVus


Hello,

I would like to ask about the Caller ID spoofing attack in VoIP. Whenever
I'll be able to
call some other entity with a spoofed ID using SiVus, then I won't be able
to continue
the conversation, since it is only an INVITE packet. So where the security
risks come 
from??

I'm looking forward to hearing from you soon,
-- 
Mouza Al-Nayeli
Information Security
200413011
----------------------------------------------------------------------------
--------------------------------------------------
"Verily, Allah does not change people's condition unless they change their
inner selves" 
Holy Quran

[ 60 years would have passed since the Palestinian Nakba, hopefully won't
increase!! ] 

-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.vopsecurity.org/pipermail/voptalk/attachments/20080517/e1f39c83/attachment.html

More information about the Voptalk mailing list