[Asterisk-Dev] VoIP Call Sniffer
Peter Svensson
psvasterisk at psv.nu
Sat Jan 8 15:11:41 MST 2005
On Sat, 8 Jan 2005, Rich Adamson wrote:
> Yes, some. Switches forward packets at layer two (mac address), and learn
> the location of each mac address by listening to packets. Once it has
> learned the switch ports associated with the mac address, the switch will
> _not_ forward sip or rtp traffic to other ports not associated with the
> sip/rtp session.
Note that the security is a weak one. Several methods for subverting the
separation of hosts offered by a level 2 switch exist. Tools exist to
automate the explotation most of these weaknesses. See e.g.
http://www.sans.org/resources/idfaq/switched_network.php
A switch should be seen more as a network optimization than a security
feature.
Peter
More information about the asterisk-dev
mailing list