Referent: Daniel Mende: "All your calls belong to us" (Voice over IP Schwachstelle in Cisco Phones)

Mittwoch, den 18. Dezember 2013, um 14:00 Uhr

Im Neuenheimer Feld 368, Seminarraum 432

Liebe Studierende,

am 18.12.2013 um 14 Uhr trägt die Heidelberger IT-Security Firma "ERNW GmbH" einen Vortrag zur Sicherheit von Voice over IP Netzwerken vor. Dieser Vortrag stellt den ersten von mehreren geplanten Vorträgen dar, welche im Rahmen einer Vortragsreihe bezüglich des Themas "IT-Security, Hacking und Security Awareness" veranstaltet  werden.


Modern “Enterprise” VoIP solutions are complex beasts. They usually encompass application servers (e.g. for mailboxes and to provide CTI functions), “infrastructure systems” for authentication or crypto stuff and “intelligent” phones. In the end of the days the inherent complexity means that – while “traditional” VoIP attacks (like re-directing, sniffing and reconstructing calls) might no longer work – we’ve been able to severely compromise any enterprise VoIP environment we’ve pentested in the last twelve months. Based on a number of warstories, in this talk we’ll first lay out the relevant attack vectors and the protocol or device level vulnerabilities enabling those. We will then focus on Cisco’s

Unified Communications solution that seemingly disposes of a mature, certificate based crypto framework protecting both the signaling and the media transport. Well,  seemingly. When closely inspecting the relevant parts and messages, it turns out that at some point all the key material can be replaced by attacker chosen keys. Which effectively means that we’re down to cleartext-like attacks again... We’ll publicly provide a detailed technical explanation of the underlying vulnerabilities, show alive demo sniffing calls in a  presumably fully encrypted environment and – of course – present a tool automating a number of steps of the overall complex attack. A discussion of potential mitigating controls, both on a technical and on the provisioning process level, completes the talk.

Wir würden uns freuen zahlreiche Studierende begrüßen zu dürfen.

webadmin   29.04.2024
zum Seitenanfang