Skip to main content

VoIP class at Vigo University


My colleague Antón (@AntonRoman) and myself visited last Monday the Telecommunication Engineering School at Vigo University in order to give a talk about VoIP, technologies and project that we’re involved in Quobis. As the year before, we were invited by the professor of the subject Switching laboratory”., Martín López Nores, to prepare a Kamailio practical exercise.

Antón started explaining some basic VoIP concepts and then he went through more advanced ones mainly focused in Kamailio SIP server (slides).Then, I made a review and a demo of the most common VoIP vector attacks that we found every day “in the wild” and their available countermeasures (slides).



As the last course, we extended the mandatory practice with an optional exercise (you can download them from the links below):

We encourage the students to give it a try, I strongly think this practice could be very useful for their professional future. In fact,  Andrés Souto (@kai670), who did a great job last year while being a student of the last course, is working now with us at Quobis. And last, but not least, we would like to thank Martín for this opportunity of sharing a good time and discovering skilled students.

Popular posts from this blog

ISO 27001: Inventario de los activos de información

Uno de los primeros pasos que debe seguir la entidad para adaptarse a la norma ISO 27001 es realizar el inventario de activos que contendrá todos aquellos activos de información que tienen algún valor para la organización y que quedan dentro del alcance del SGSI . En un principio puede parecer un poco abrumador para un principiante(como yo) por la enorme cantidad de activos que se te van ocurriendo por eso decidí empezar por clasificarlos de alguna forma, de entre las múltiples maneras que me encontré elijo la definida por los expertos del foro ISO27k ya que me parece la más completa, mostrando ejemplos de cada tipo y es válida para entidades de muy distinta naturaleza. Éste podría ser un buen punto para comenzar siempre teniendo en cuenta lo que nos aconsejan también en ese foro: "Debido a que los activos son algo cambiante, incluso si pudieras cubrir absolutamente todo lo que hay hoy, mañana la situación sería un poco diferente y más en unas semanas, meses o años. Así que

SIP INVITE attack with Metasploit

Some days ago my friend  @pepeluxx  wrote  another post  about INVITE attacks. He spoke about a  @sinologic   project  which allows to everybody passing some security tests to SIP servers. Furthermore he also published a perl script to do the same task. So I implemented it on Metasploit because I think It could be really useful during a pentesting. It’s interesting because these attacks are really dangerous, normally, attackers try to call to expensive locations. This target numbers often have special charges and they make money with this. Here there are two well known examples: http://blog.sipvicious.org/2010/12/11-million-euro-loss-in-voip-fraud-and.html http://snapvoip.blogspot.com.es/2009/02/calls-to-cuba-and-voip-attacks.html I’m not going to deep in this vector because of being a well known (and old!!) one. Basically the attacker tries to make a call using a misconfigured PBX. This is allowed because  SIP RFC  says that an extension has not to be registered to be abl

Another simple Metasploit module: ICMP Flooder

Hi again!, I said I was going to develope VoIP related Metasploit modules but I was reading PacketFu documentation and I found that wrinting an ICMP flooder couldn´t be too complicated at this point. So I share this code too, I decided to include SHOST and SIZE options too trying to get a more flexible module able to make different flavors of this attack as Ping flood , Smurf or Ping of death . Next pictures show the module in  the same way of last post. Code: ------------------------------------------------------------------------- require 'msf/core' class Metasploit3 < Msf::Auxiliary include Msf::Auxiliary::Dos include Msf::Exploit::Capture def initialize super( 'Name' => 'ICMP Flooder', 'Description' => 'A simple ICMP flooder', 'Author' => 'Jesus Perez', 'License'     => MSF_LICENSE, 'Version' => '$Revision: 0 $' ) register_opt