User Control Panel
Search iVirtua
Advanced/Tag Search...
Search Users...
What is iVirtua Exclusive Community?
  • An exclusive gaming industry community targeted to, and designed for Professionals, Businesses and Students in the sectors and industries of Gaming, New Media and the Web, all closely related with it's Business and Industry.
  • A Rich content driven service including articles, contributed discussion, news, reviews, networking, downloads, and debate.
  • We strive to cater for cultural influencers, technology decision makers, early adopters and business leaders in the gaming industry.
  • A medium to share your or contribute your ideas, experiences, questions and point of view or network with other colleagues here at iVirtua Community.
Guest's Communication
Live Chat
Teamspeak (VOIP) Audio Conference
Private Messages
Check your Private Messages
Themes
Choose an iVirtua Community theme to reflect your interests...
Business Theme
India/Arabic Theme

Gaming Theme
iVirtua Recommends
Fly Emirates Advertising
Keep hackers from eavesdropping on VoIP calls
Digg This Digg Topic Tag it on del.icio.us Tag topic on On del.icio.us Technorati Search Technorati Search Post to Slashdot Post to Slashdot
You are currently in Hardware, Internet, Networking, Comms and Security
Post new topic Reply to topic
Fri Jul 13, 2007 3:25 pm Reply and quote this post
I saw this over at techrepublic blogs
http://blogs.techrepublic.com.com/security/?p=252
Quotes below are from the above article.

One of the most well-known VoIP hacking tools is VOMIT, which stands for Voice Over Misconfigured Internet Telephones. But it doesn’t actually capture the VoIP packets. For that, you’ll need a “sniffer” program (such as Ethereal/Wireshark ( http://www.wireshark.org/ ) or Angst ( http://freshmeat.net/projects/angst )) or “dumping” tools such as pcapsipdump ( http://sourceforge.net/projects/psipdump ).

Another popular VoIP hacking utility is VoIPong ( http://oreka.sourceforge.net/ ). This tool detects VoIP calls on a network and creates .wav files of conversations.
Quote:
Like VOMIT, VoIPong runs on Linux and other UNIX-based operating systems. But it processes VoIP packets regardless of the VoIP protocol, so you can use it to hack SIP and H.323 VoIP transmissions as well as Cisco’s Skinny-based ones. VoIPong is open source software freely distributed under the GNU General Public License.


Cain & Abel ( http://www.oxid.it/ )
Quote:
is a popular sniffer that can capture and crack passwords; it captures many types of traffic along with VoIP calls. It extracts audio conversations that use the SIP and RTP protocols and supports a number of different codecs, including G711, GSM, DVI, LPC, and many more.


So to prevent the use of those tools....

    Keep the VoIP network separate from the data network. Although this does negate some advantages of VoIP — such as simplified administration through convergence — it also provides a smaller attack surface and exposes the VoIP network to fewer threats.

    You can use virtual LAN (VLAN) technology to create a logical separation if you don’t want to go with a full-fledged physical separation.

    Use authentication to ensure that those connecting to the VoIP network from the outside are really who they purport to be.

    Use encryption so that if hackers manage to capture VoIP packets, they won’t be able to easily decipher them.

    Use VoIP-aware firewalls and an intrusion detection system/intrusion prevention system (IDS/IPS).


Do you do that?

Contributed by Editorial Team, Executive Management Team
372659 iVirtua Loyalty Points • View ProfileSend Private MessageBack to Top

Sat Jul 14, 2007 12:47 pm Reply and quote this post
That's why I use Skype since they use encryption:
Quote:
Is Skype secure?

    Yes. When you call another Skype user your call is encrypted with strong encryption algorithms ensuring you privacy. In some cases your Skype communication may be routed via other users in the peer-to-peer network. Skype encryption protects you from potential eavesdropping from malicious users.

Why are Skype calls encrypted?
    Skype is encrypted end-to-end because it uses the public Internet to transport your voice calls and text messages and sometimes these calls are routed through other peers. Skype encryption ensures that no other party can eavesdrop on your call or read your instant messages.

What type of encryption is used?
    Skype uses AES (Advanced Encryption Standard) – also known as Rijndael – which is also used by U.S. Government organizations to protect sensitive, information. Skype uses 256-bit encryption, which has a total of 1.1 x 1077 possible keys, in order to actively encrypt the data in each Skype call or instant message. Skype uses 1024 bit RSA to negotiate symmetric AES keys. User public keys are certified by the Skype server at login using 1536 or 2048-bit RSA certificates.

Contributed by pentapenguin, iVirtua Expressed Contributor
1926 iVirtua Loyalty Points • View ProfileSend Private MessageBack to Top

Related Articles
Post new topic   Reply to topic


Page 1 of 1

iVirtua Latest
Latest Discussion

Discuss...
Latest Articles and Reviews

Latest Downloads
Subscribe to the iVirtua Community RSS Feed
Use RSS and get automatically notified of new content and contributions on the iVirtua Community.


Tag Cloud
access amd announced applications author based beta building business card case company content cool core course cpu create data deal dec demo design desktop developers development digital download drive email feature features file files firefox flash free future gaming google graphics hardware help industry information intel internet iphone ipod jan launch linux lol love mac market media memory million mobile money movie music net nintendo nov nvidia oct office official online patch performance playing power price product program ps3 pst publish ram release released report rss sales screen search security sep server show size software sony source speed support technology thu tue update video vista war web website wii windows work working works xbox 360 2006 2007 2008

© 2006 - 2008 iVirtua Community (UK), Part of iVirtua Media Group, London (UK). Tel: 020 8144 7222

Terms of Service and Community RulesAdvertise or Affiliate with iVirtuaRSSPress Information and Media CoverageiVirtua Version 4PrivacyContact