Viop hacking (etical hacking)

Ethical Hacking d E hi l H ki and Countermeasures
Version 6 1 V i 6.1

Module XXXVIII VoIP Hacking

News

Source: http://www.itbusinessedge.com/

EC-Council
All Ri ht R d R d ti

Copyright © by EC-

Council
i St i tl P hibit d

Module Objective

This module will familiarize you with:
• • • • • • • VoIP VoIP Hacking Steps Footprinting Scanning Enumeration E ti Exploiting TheNetwork Covering The Tracks

EC-Council
All Ri ht R d R d ti

Copyright © by EC-

Council
i St i tl P hibit d

Module Flow
What is VoIP Enumeration

VoIP Hacking Steps Exploiting The Network Footprinting

Scanning

Covering The Tracks

EC-Council
All Ri ht R d R d ti

Copyright © by EC-

Council
i St i tl P hibit d

What is VoIP
Voice Over Internet Protocol (VoIP)refers to ( ) transmission of voice over IP based networks

Also known as “packet telephony packet telephony”

Uses IP protocol to route voice traffic

Voice is compressed using CODECS-hence bandwidth is utilized efficiently tili d ffi i tl Renowned for its low cost and advantageous to customers in i case of l f long di distance calls ll
EC-Council
All Ri ht R d R d ti Copyright © by EC-Council
i St i tl P hibit d

VoIP Hacking Steps

EC-Council
All Ri ht R d R d ti

Copyright © by EC-

Council
i St i tl P hibit d

VoIP Hacking Steps
Footprinting

Scanning

Enumeration

Exploiting the Network
EC-Council
All Ri ht R d R d ti Copyright © by EC-

Council
i St i tl P hibit d

Footprinting

EC-Council
All Ri ht R d R d ti

Copyright © by EC-Council
i St i tl P hibit d

Information Sources

Public Web site research

Google hacking

WHOIS and DNS analysis

EC-Council
All Ri ht R d R d ti

Copyright © by EC-

Council
i St i tl P hibit d

Unearthing Information
Information includes:
Organizational structure and corporate locations Help and tech support Job listings Domain name lookup Phone numbers and extensions VoIPvendor press releases and case studies Resumes Mailing lists and local user group postings Web-based VoIP logins
EC-Council
All Ri ht R d R d ti Copyright © by EC-

Council
i St i tl P hibit d

Organizational Structure and Corporate Locations
Hacker can guess names of employees working in an organization

Check for the location information for branch offices and corporate headquarters toknow the traffic flow between two VoIP call participants

EC-Council
All Ri ht R d R d ti

Copyright © by EC-

Council
i St i tl P hibit d

Help Desk
Check the sites that hold information from the help desks:
• Phone type yp • Default PIN numbers for voicemail • Links to web administration

EC-Council
All Ri ht R d R d ti

Copyright © by EC-

Council
i St i tl P hibit d

JobListings
Corporate web sites open up Job li i b i b listings that i l d the h include h information on the technologies used within an organization

EC-Council
All Ri ht R d R d ti

Copyright © by EC-

Council
i St i tl P hibit d

Phone Numbers and Extensions
Identify internal workings numbers and extensions

EC-Council
All Ri ht R d R d ti

Copyright © by EC-

Council
i St itl P hibit d

VoIP Vendors
VoIP vendor sites consists of case studies that gives you a detailed information about products and versions and so on

EC-Council
All Ri ht R d R d ti

Copyright © by EC-

Council
i St i tl P hibit d

Resumes
Resumes provide i f R id information such as: ti h
• Designed and set up a sop st cated S based Vo p oduct o es g ed a d sophisticated SIP-basedVoIP production Asterisk PBX with headsets and X-Lite softphones • "Provided security consulting, VPN setup, and VoIP assistance including CallManager installation with Cisco 7920 IP Phones"

EC-Council
All Ri ht R d R d ti

Copyright © by EC-

Council
i St i tl P hibit d

WHOIS and DNS Analysis
DNS is the distributed database system used to map IP addresses t i th di t ib t d d t b...