No. 1 Story

Technology reinforces generation gap

If you believe that technology could be bridging the generation gap, think again. According to Deloitte’s first State of the Media report it’s as stark as ever.

read more

Related Articles

UCSniff, VoIP, Security, Tool, Released
Australian businesses are becoming soft targets for malicious hackers and they lag significantly behind...
To address the ever growing concerns of CIOs around security of mobile devices, US...
Juniper Networks has extended its SSL VPN security to the iPad with the release...
A recent survey by security company Sophos exposes the dilemma to business posed by...
A security vulnerability in Adobe's ColdFusion has been identified and fixed through a configuration...

UCSniff - VoIP 'Security Tool' Released

Business IT - Security

In the last couple of hours, Sipera VIPER Lab finally announced the availability of UCSniff v1.0.  This is a ‘security tool’ intended to test for the threat of unauthorised eavesdropping.

According to the website on SourceForge, UCSniff has the following major features:

Allows targeting of VoIP Users based on Corporate Directory and/or extensions

Automatically re-creates and saves entire voice conversations to a single file that can be played back by media players

Support for G.722 and G.711 u-law compression codecs

Automated VLAN Hop and Discovery support

A VoIP Sniffer combined with a MitM re-direction tool

Monitor Mode

UCSniff will run in either Monitor mode (passive eavesdropping) or in man-in-the-Middle mode where ARP-poisoning is used to spoof all service addressing.

VoIP installations running on Cisco IP Phones run a corporate directory, permitting UCSniff to monitor and track calls either by MAC address, IP address of user name.

Two additional tools are available with UCSniff – ACE permits the rapid reading (and storage) of the Cisco telephone directory and ARPsaver will re-establish the correct ARP settings in the event of an unexpected crash.

UCSniff is released under the GPLv3 licence and may be freely downloaded here.  Jason Ostrom and Arjun Sambamoorthy, principal developers at Sipera VIPER Lab recommend running UCSniff on BackTrack Linux and note that future versions will support Windows and also H.264 Video capture.

As always, they insist that you only run this tool on a network where you have permission to do so, purely for research purposes, of course.  UCSniff is intended to “help understand the risk of VoIP Eavesdropping so that security in the VoIP Infrastructure and applications can be improved to a level of acceptable risk.”

Have fun!