UCSniff v2.4 in the wild
UCSniff is an exciting new VoIP Security Assessment tool that leverages existing open source software into several useful features, allowing VoIP owners and security professionals to rapidly test for the threat of unauthorized VoIP and Video Eavesdropping. Written in C, and initially released for Linux systems, the software is freely available for anyone to download, under the GPLv3 license
UCSniff was created as a Proof of Concept demonstration tool and a method of creating awareness around VoIP/UC threats. It can be used by VoIP/UC Administrators to test their own VoIP Infrastructure in a pilot before vulnerabilities are rolled into production. It can also be used by security professionals as a method of convincing IT decision makers that security best practices should be applied to VoIP/UC in the same way that they are applied to other TCP/IP based, client-server applications.
Some useful features of UCSniff that have been combined together into a single package:
Feature List
- UC Sniffer with VoIP and IP Video Support
- Automated Voice VLAN Discovery (CDP)
- VLAN Hop Support
- Sniffing across Ethernet Switches
- Automatic creation of forward and reverse RTP media streams into a single file
- Automatic creation of two avi files (forward and reverse video) for H.264 Video codec
- Automatic recording and saving of conversations using G.711 u-law codec
- Automatic recording and saving of conversations using G.722 codec
- MitM ARP Poisoning and host management support
- Monitor Mode (Span Session, Hub)
- Tracking and tracing of users, with logging
- Support for Cisco SIP, Cisco Skinny, RFC 3261 SIP
- Target Mode (Target User, Target Conversation)
- Corporate Directory Tool and functions (ACE)
- ARP Saver Tool to restore network in emergencies
- Detects if Gratuitous ARP is disabled on IP Phone
- Only requires 1 phone (not both) in source VLAN in order to capture entire conversation
Thanks to Maximilano Soler for the notification
Post scriptum
Compliance Mandates
|
