[Asterisk-Dev] VoIP Call Sniffer

Tilghman Lesher tilghman at mail.jeffandtilghman.com
Sat Jan 8 21:03:30 MST 2005


On Saturday 08 January 2005 21:27, Rich Adamson wrote:
> > > > So if I use switches does that offer any basic easedroping
> > > > protection.
> > >
> > > On that piece of LAN yes.
> >
> > Not really, no.  All you need to do is to flood the switch with
> > more MAC addresses than can be stored in its internal table (2048
> > addresses for most low-end switches, possibly 65536 addresses on
> > high-end switches) and the switch will automatically switch over
> > to acting like a hub.  Note that because the MAC address space is
> > 48-bit, you would need to have approximately 54 Terabytes to
> > store a table of all MAC addresses with their corresponding IP
> > addresses (which would be needed to defeat this attack).
>
> The original response to the poster was...
> yes, switches do provide one simple layer of security, but one
> should consider multiple layers including userid/passwords,
> encryption, etc. Another responder decided to snip that part, and
> then suggest switches don't offer any security. So this thread has
> gotten way off the original topic.

Well, that's quite simply incorrect.  Switches provide no security
service to your VOIP packets whatsoever.

-- 
Tilghman



More information about the asterisk-dev mailing list