SPOTLIGHT: UCSniff VoIP security tool officially unveiled

Tools

If you haven't worried enough about VoIP security, UCSniff has been released officially by the Sipera Viper Lab.

First unveiled at the Toorcon security conference in late September, UCSniff allows you to target users based on corporate directory and/or extensions, record entire voice conversations, discover and hope VLANs, perform man-in-the-middle (MitM) redirection and plenty more. Sipera has now made the tool available for public download, so, if you want to really torque off your security and IT people, you could record and email them a couple of their phone calls.

If you want really scary/really paranoid thoughts, since UCSniff (and of course, a lot of other security tools) are written in C and available for Linux systems, an attacker could buy a $300 Netbook, install it in a phone closet somewhere, and with a little hackwork, record and email your conversations outside the office.

Hmm, maybe its time to re-install the old key system...

For more:
- Read the quick blog post at Dark Reading.

Related articles
UCSniff targets VoIP, UC, and the inside job - FierceVoIP
Sipera Systems, Top VoIP Company 2008: FierceVoIP, Fierce 15 ...