[Asterisk-Dev] VoIP Call Sniffer
Rich Adamson
radamson at routers.com
Sun Jan 9 05:44:48 MST 2005
> > > > > So if I use switches does that offer any basic easedroping
> > > > > protection.
> > > >
> > > > On that piece of LAN yes.
> > >
> > > Not really, no. All you need to do is to flood the switch with
> > > more MAC addresses than can be stored in its internal table (2048
> > > addresses for most low-end switches, possibly 65536 addresses on
> > > high-end switches) and the switch will automatically switch over
> > > to acting like a hub. Note that because the MAC address space is
> > > 48-bit, you would need to have approximately 54 Terabytes to
> > > store a table of all MAC addresses with their corresponding IP
> > > addresses (which would be needed to defeat this attack).
> >
> > The original response to the poster was...
> > yes, switches do provide one simple layer of security, but one
> > should consider multiple layers including userid/passwords,
> > encryption, etc. Another responder decided to snip that part, and
> > then suggest switches don't offer any security. So this thread has
> > gotten way off the original topic.
>
> Well, that's quite simply incorrect. Switches provide no security
> service to your VOIP packets whatsoever.
Well, everyone on this list seems to have strong opinions, some based on
facts and some based on something far less. Sure would be fun to take
you into some of our banks (and other businesses) and see how quickly
you could record a voip session without being caught. You wouldn't
make it even 5 minutes, but its probably because you're missing the
total point of layered security (including switches).
And, yes I fully understand the switch forwarding tables and man in the
middle approaches without a shadow of a doubt.
end-of-thread
More information about the asterisk-dev
mailing list