From: Jeff Liebermann on
On Sun, 25 Oct 2009 22:55:05 -0500, Dennis Ferguson
<dcferguson(a)pacbell.net> wrote:

>I think the ARP cache pollution they do to get everyone to send
>the packets they want through the PC doing the tap is kind of
>cute (though this may just show my ignorance of the state of the
>art for this stuff), but you are right that none of that is rocket
>science.

You don't really need a man-in-the-middle type of exploit in order to
sniff SIP traffic. It can be done by simply tapping the ethernet
cable, or sniffing the 802.11 traffic. I don't know why that was
included. The only problem is that the stock NDIS5 Windoze driver does
not have a wireless monitor mode sniffing ability. That means you can
only sniff traffic to/from a device to which you are connected.
Monitor mode (and promiscuous mode) work fine for wired ethernet, but
not for 802.11.
<http://en.wikipedia.org/wiki/Monitor_mode>
CACE has a monitor/promiscuous mode driver for Windoze that will work.
<http://www.cacetech.com/products/airpcap.html>
Wireless sniffing with Linux works just fine.

>They do mention, however, that Sipera plans to introduce a SIP/RTP
>encryption product next week, so demonstrating how low the bar
>is for wiretapping SIP-based VoIP with a nice application is
>probably good marketing.

The hints of impending disclosure of a possible serious vulnerability
might have inspired Sipera to pre-announce new encryption technology.
If the exploit fizzles, or there's no clamor for encryption, they'll
just quietly drop the idea. Incidentally, I couldn't find a link to
such a product announcement. Oh, it's Sipera, not Sipura/Linksys. One
of these daze, I'll get them straight.
<http://www.sipera.com>

>Of course iPhone applications in
>particular could also secure this stuff by sending it over the 3G
>phone company connection rather than WiFi, but I don't think Apple's
>restrictions on what applications can do on the phone are there
>to protect their users' best interests.

There are no current restrictions on VoIP over 3G on the iPhone.
However, making phone calls over 3G is silly. The cost per byte is
much more than over Wi-Fi. The main draw is free (or almost free)
phone calls using a coffee shop, home, office, airport, hotspot at
costs far less than cellular.

>Dennis Ferguson
--
Jeff Liebermann jeffl(a)cruzio.com
150 Felker St #D http://www.LearnByDestroying.com
Santa Cruz CA 95060 http://802.11junk.com
Skype: JeffLiebermann AE6KS 831-336-2558
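
Added example, not part of either poster's message: the ARP cache pollution mentioned in the quoted text shows up on the LAN as an IP address suddenly being claimed by a different MAC, whereas the passive cable or 802.11 sniffing described in the reply leaves no such trace. The sketch below flags that rebinding over constructed ARP messages; all addresses, MACs and function names are made up for illustration.

```python
import struct

ARP_FMT = "!HHBBH6s4s6s4s"  # 28-byte ARP body for Ethernet/IPv4 (RFC 826)

def sample_arp_reply(sender_mac, sender_ip, target_mac, target_ip):
    """Pack a constructed ARP reply body (opcode 2) used only as test input."""
    mac = lambda m: bytes.fromhex(m.replace(":", ""))
    ip = lambda a: bytes(int(x) for x in a.split("."))
    return struct.pack(ARP_FMT, 1, 0x0800, 6, 4, 2, mac(sender_mac),
                       ip(sender_ip), mac(target_mac), ip(target_ip))

def parse_arp(body):
    """Return (sender_mac, sender_ip), or None if not Ethernet/IPv4 ARP."""
    if len(body) < 28:
        return None
    htype, ptype, hlen, plen, _op, sha, spa, _tha, _tpa = struct.unpack(
        ARP_FMT, body[:28])
    if (htype, ptype, hlen, plen) != (1, 0x0800, 6, 4):
        return None
    return ":".join(f"{b:02x}" for b in sha), ".".join(str(b) for b in spa)

def detect_rebinding(bodies):
    """Flag each ARP message whose sender IP is claimed by a MAC other than
    the first one seen for that IP. First-seen is trusted, so a legitimate
    NIC swap or DHCP reassignment also alerts and needs human review."""
    first_seen, alerts = {}, []
    for index, body in enumerate(bodies):
        parsed = parse_arp(body)
        if parsed is None:
            continue  # truncated or non-IPv4 ARP: ignore
        mac, ip = parsed
        known = first_seen.setdefault(ip, mac)
        if known != mac:
            alerts.append((index, ip, known, mac))
    return alerts

# Constructed sample: documentation-range IPs (192.0.2.0/24) and MACs.
GW, PHONE, TAP = "00:00:5e:00:53:01", "00:00:5e:00:53:20", "00:00:5e:00:53:66"
SAMPLE = [
    sample_arp_reply(GW, "192.0.2.1", PHONE, "192.0.2.20"),   # normal
    sample_arp_reply(PHONE, "192.0.2.20", GW, "192.0.2.1"),   # normal
    sample_arp_reply(TAP, "192.0.2.66", GW, "192.0.2.1"),     # normal
    sample_arp_reply(TAP, "192.0.2.1", PHONE, "192.0.2.20"),  # gateway IP, new MAC
    sample_arp_reply(TAP, "192.0.2.20", GW, "192.0.2.1"),     # phone IP, new MAC
    b"\x00\x01\x08\x00",                                      # truncated
]

if __name__ == "__main__":
    for index, ip, old, new in detect_rebinding(SAMPLE):
        print(f"msg {index}: {ip} moved from {old} to {new}")
```
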
From: alexd on
Meanwhile, at the alt.internet.wireless Job Justification Hearings, Larry chose
the tried and tested strategy of:

> Even then, if you make the call from home and they KNOW what channel wifi
> you're using, they have to scan 65,535 PORTS and try to figure out which
> one of the active ones is used by the randomized, 256-bit encrypted Skype
> noise.

What on earth are you talking about? If somebody's intercepting your wireless
traffic, they're not going to be scanning any ports. Fire up Wireshark some time
and you'll see what I mean.

--
<http://ale.cx/> (AIM:troffasky) (UnSoEsNpEaTm(a)ale.cx)
09:37:57 up 8 days, 4:32, 4 users, load average: 0.14, 0.16, 0.17
"Stupid is a condition. Ignorance is a choice" -- Wiley Miller