Security Basics mailing list archives
Re: VoIP security
From: Pbt <info16 () unsigned ath cx>
Date: Thu, 21 Apr 2005 09:44:50 +0200
It depends... What kind of protocol is used in her case ? But sincerely, SRT(C)P is/are not often seen and if it's a SIP phone, it may use SIP & RTP only... So, using a sniffer, sox, vomit or smth else would be sufficient to decode packets and get her credit card information. Pierre Le mercredi 20 avril 2005 à 09:52 -0400, Seth Art a écrit :
My coworker had an interesting question. She had to validate her credit card number over the phone using her social and other sensitive information. She has a VoIP router from her ISP. The question: Are the VoIP packets encrypted as they go across the wire? Or can someone sniffing in the right place capture all of that sensitive VoIP traffic and reassemble her CC# and SS# from the tones? Is this somethign that might be an issue in the future or is there already an answer out there? -Seth
-- Pbt
Attachment:
signature.asc
Description: This is a digitally signed message part
Current thread:
- VoIP security Seth Art (Apr 20)
- Re: VoIP security Champ Clark [Vistech] (Apr 21)
- RE: VoIP security David (Apr 21)
- Re: VoIP security Pbt (Apr 21)
- <Possible follow-ups>
- RE: VoIP security Joshua Berry (Apr 21)
- Re: VoIP security Mihai Amarandei (Apr 22)
- RE: VoIP security Drumm, Daniel (Apr 22)
- RE: VoIP security Anil Saini (Apr 25)
- Re: VoIP security Champ Clark [Vistech] (Apr 25)