Wednesday, June 25th, 2008
VoIPER is a security toolkit that aims to allow developers and security researchers to easily, extensively and automatically test VoIP devices for security vulnerabilties. It incorporates a fuzzing suite built on the Sulley fuzzing framework, a SIP torturer tool based on RFC 4475 and a variety of auxilliary modules to ...
Posted in Internet, Networking, Privacy, Security | No Comments
Saturday, June 21st, 2008
Cain & Abel is a password recovery tool for Microsoft Operating Systems. It allows easy recovery of various kind of passwords by sniffing the network, cracking encrypted passwords using Dictionary, Brute-Force and Cryptanalysis attacks, recording VoIP conversations, decoding scrambled passwords, recovering wireless network keys, revealing password boxes, uncovering cached passwords ...
Posted in Internet, Linux, Networking, Privacy, Security, Software, Windows | No Comments
Tuesday, June 17th, 2008
A common compression technique can make internet telephone calls significantly more susceptible to bugging, according to recent research from Johns Hopkins University.
Internet telephony has become widely used through consumer-centric applications such as Skype, and is becoming more common in enterprises.
The new research suggests, however, that standard encryption and compression methods, ...
Posted in Internet, Networking, Privacy, Security | No Comments
Friday, June 13th, 2008
In recent months, Web site compromises have become the most prevalent problem that threatens Internet users from all over. While this trend continues to dominate today’s security issues, let’s not forget about other threats that, although may be not as massive as these attacks, have equally serious ramifications against the ...
Posted in Coding, Internet, Privacy, Security | No Comments
Wednesday, June 11th, 2008
SIPVicious suite is a set of tools that can be used to audit SIP based VoIP systems. It currently consists of four tools:
svmap - this is a sip scanner. Lists SIP devices found on an IP range
svwar - identifies active extensions on a PBX
svcrack - an online password cracker for ...
Posted in Coding, Internet, Privacy, Security, Software | No Comments
Monday, June 9th, 2008
The number of interested parties eager to listen in on your online conversations, including what you type through instant messaging, has never been higher.
It's trivial to monitor unencrypted wireless networks and snatch IM passwords as they flow through the ether. Broadband providers and their business partners are enthusiastically peeking into ...
Posted in Internet, Privacy, Security, Software | No Comments
Wednesday, April 16th, 2008
With JJ blogging about 802.1x, I thought it would be timely to talk about why I think small and medium sized enterprises (SMEs) do not and probably never will deploy 802.1x for wired networks.
I make a point of meeting with customers whenever I can. Amongst the small and medium ...
Posted in Hardware, Internet, Networking, Privacy, Security | No Comments
Tuesday, April 15th, 2008
While most VoIP-related vulnerabilities are posted to the VOIPSA mailing list or blog, I thought it might be useful to have a informal quarterly summary of sorts among VoIP devices per searches from NIST. I hope folks find it helpful, and of course post comments if I’ve overlooked anything from ...
Posted in Hardware, Internet, Networking, Security, Software | No Comments
Saturday, March 8th, 2008
Security analysts are warning of another malicious software program masquerading as an installer file for Skype.
The program sends the victim's Skype credentials, as well as any other logins or passwords stored in Internet Explorer, to another server, wrote Villu Arak, a Skype spokesman based in Tallinn, Estonia, on a Skype ...
Posted in Internet, Privacy, Security | No Comments
