Synopsis: Blue Box #83: SIP and Asterisk vulnerabilities, voice biometrics, P2PSIP, Aircell blocking Skype, VoIP security news and more…
Welcome to Blue Box: The VoIP Security Podcast #83, a 39-minute podcast from Dan York and Jonathan Zar covering VoIP security news, comments and opinions.
Download the show here (MP3, 18MB) or subscribe to the RSS feed to download the show automatically.
NOTE: This show was recorded on September 4, 2008.
You may also listen to this podcast right now:
Show Content:
- 00:20 - Intro to the show, contact information and how to provide comments. Welcome to all the new listeners - and to all those listeners who have been here for so long!
- Programming notes:
- Three-year anniversary of Blue Box coming up on October 24th - any thoughts you'd like to share with us? (Please send them to us by October 23rd.)
- Remote DoS in reSIProcate
- Remote root shell in Trixbox
- Second route of VoIPShield Cisco/Avaya/Nortel vulnerabilities
- AST-2008-010 – IAX2 ‘POKE’ Resource Exhaustion
- AST-2008-011 – IAX2 Firmware Provisioning System
- Saunderslog: Squawk Box – July 10, 2008: Voice biometrics and VoiceVerified.com
- Saunderslog: Squawk Box – July 9, 2008: P2PSIP
- IETF: P2PSIP Security Requirements
- Voice of VOIPSA: “Aircell blocking VoIP on a plane” – part 1 , part 2 and an update
- Voice of VOIPSA: Shawn Merdinger’s series on “Asking The Cisco IPICS Expert” – Questions 1-5 – 6-10 – 11-15 – 16-20 – 21-25
- Voice of VOIPSA: Asterisk ‘hack’ to show blocked Caller-ID points to larger trust issues with SIP (and SpeechTEK speech)
- NetworkWorld: Georgia student arrested for hacking grades, VoIP
- CRN: Analysis: Hacking VoIP as easy as 1-2-3
- Ari Takanen starts blogging at InfoWorld
- InfoWorld: Motivation for VoIP Fuzzing
- TMCnet: How to keep your tech career afloat
- New analyst report: Security Threats Loom Over Unified Communications pointing to Light Reading report and article
- VoIP Companies to Fight For Market Share
- IEEE approves 802.11r standard
- Google Chrome – upgrading the web to be application-centric
- Items on my DisruptiveTelephony blog… Skype 5th birthday, Asterisk future, Digium/Nortel
- No comments this week.
- Review of the last week's traffic on the VOIPSEC public mailing list
- Wrap-up of the show
- 39:08 - End of show
Comments, suggestions and feedback are welcome either as replies to this post or via e-mail to [email protected]. Audio comments sent as attached MP3 files are definitely welcome and will be played in future shows. You may also call the listener comment line at either +1-415-830-5439 or via SIP to '[email protected]' to leave a comment there.
Thank you for listening and please do let us know what you think of the show.
Comments