[asterisk-users] Security tests
Gordon Henderson
gordon+asterisk at drogon.net
Thu Apr 22 13:06:15 CDT 2010
On Thu, 22 Apr 2010, Philipp von Klitzing wrote:
> Hi!
>
>> But it draws attention to me between the PC with softphone and the
>> telephone I see traffic ARP or ICMP that could make to try between the
>> equipment but does not see RTP. Is there some special consideration that
>> it must to observe?
>
> Your English is seriously twisted, making your question impossible to
> understand. My feeling is that you have used a machine translation
> service.
>
> Your question is probably:
> "I can see ARP and ICMP, but not RTP, what am I missing?"
>
> How did you place your virtual "listening" machine into the network, is
> it connected to an old hub, or a switch, or the mirroring port of a
> switch, or does it use the same NIC (and computer) as the softphone? You
> will first need to get "in between" the two endpoints in order to be able
> to capture that point-to-point RTP traffic - there are "normal" and
> "malicious" ways to achieve that.
Depends on what you consider malicious :)
ARP Cache poisoning is considered fairly normal by some these days...
However the easiest way to capture data is on the asterisk server
itself...
Gordon
More information about the asterisk-users
mailing list