Sipera VIPER Lab's UCSniff Helps Expose VoIP Security Vulnerability

Sipera Systems, a provider of unified communications (UC) security, announced the release of UCSniff from Sipera Viper Lab. UCSniff is a free application that demonstrates vulnerabilities in the voice over Internet Protocol (VoIP) design and implementation. Enterprises can use the application to test their VoIP networks to see if they are vulnerable to targeted eavesdropping.

 

UCSniff was first demonstrated publicly at the ToorCon X Conference. The test demonstrated how administrators can validate the vulnerability, imitate an enterprise IP phone, download a corporate directory, then automatically monitor and record confidential conversations by targeting key employees and departments.

 

“The security and regulatory compliance implications are significant for VoIP eavesdropping,” said Sipera.

 

This would result in serious consequences, given the ability for outside hackers to access corporate directories and use that information to target and automatically record conversations between CEOs, CFOs, Corporate Counsel and outside law firms or patent offices, sales executives, Human Resources, Accounts Receivable dealing with customer credit card payments, the CTO office and others.

 

“UCSniff is an assessment tool that helps demonstrate vulnerabilities in VoIP design and implementation,” said Ostrom, director of Viper Lab, in a statement. “It was born from the concept of combining targeted attacks against VoIP users along with the corporate directory, intelligent VLAN support, and man-in-the-middle features.”

 

The UCSniff tool is now available for Session Initiation Protocol (News - Alert) (SIP) and Skinny Client Control Protocol (SCCP) signaling protocols. Viper Lab plans to release a future version with voice over Internet Protocol (VoIP) video calls testing capability on Windows OS.

 

Sipera VIPER Lab says it has identified thousands of VoIP and UC vulnerabilities over the past four years, most of which cannot be addressed by traditional data security measures. The new tool is part of its free educational security service offerings to its user community.

 

Sipera’s IPCS security appliances now offer advanced security for SIP trunking and better integration with SIP trunk provider services.  The Sipera VIPER Engine has been upgraded to address the latest vulnerabilities and threats, adding the capability to download security signatures automatically, and enhanced anomaly detection capabilities against zero day attacks. 

 

Sipera offers comprehensive security to SIP trunks and addresses key deployment issues by offering additional Session Border Control (SBC) functionality.  The upgraded Sipera IPCS appliances have been integrated with Tier-1 SIP trunk providers, and offer Quality of Service (QoS) reporting, enabling network administrators to monitor latency, jitter and packet delay for critical UC applications, and identify bandwidth spikes that might indicate an attack or other anomalies, the company said.