Sjur Usken

Views on new technologies and business opportunities from Sjur Usken

But the Romanians keep hacking..

32 people was apprehended in Romania, but the VoIP hacking continues from this country. Low wages, highly educated people and not too many jobs often forces people to start hacking, combined with low risk of being caught.

This was from IP caught in a SIP honeypot belonging to Honeynet Project.

REGISTER sip:IP.removed SIP/2.0
Via: SIP/2.0/UDP;rport;
From: <sip:1234@IP.removed>;tag=3202
To: <sip:1234@IP.removed>
Call-ID: 14862
Contact: <sip:1234@>
Max-Forwards: 70
User-Agent: Linphone/ (eXosip2/3.3.0)
Expires: 3600
Content-Length: 0

Normal procedures is to use SIPvicious to do scanning, then use Linphone or other softphone to test out if you can dial out on the discovered IP PBX.

VoIP admins, do a pen-test on your own system and lock it down. This is, sadly, just the start….


Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: