VOIP over Wi-Fi subject to eavesdropping?

Yech. You don't have to resort to such hacker tools to sniff VoIP.

The industry has a variety of commercial vendors who sell VoIP test, quality monitoring, and call analysis tools. For example:

formatting link
formatting link
formatting link
formatting link
formatting link
are commonly found in telemarketing tanks and large corporate or government networks. Ethereal will also capture and decode most VoIP protocols and RTP streams. It's a bit tricky but not impossible. Here's some clues:
formatting link
formatting link
There are some technical difficulties with wiretap via wireless which are obvious to anyone that has ever tried to actually obtain useful data from a wireless sniff or capture. I won't mention what they are as I believe that aspiring criminals should learn such things the hard way.

Jeff Liebermann

Which only goes to confirm that credit card purchases by telephone are foolhardy.

Brian

Brian

Without wishing to get into the issue of what is possible now or in the future, capturing and playing back VoIP is NOW:-

formatting link

David Taylor

You are *still* missing the point.

It isn't just what your contemporaries can see (which in the case of a prospective employer can in fact be significant, though I suppose your concern about your mother is equally valid), but the fact that we are leaving a legacy that will outlive us individually.

If posters want to be taken seriously by anyone, today or tomorrow, they need to write for an audience that includes "your *grandchildren*", and that is true for people who are 15 years old just as well as it is for people who are childless at 85 years of age.
Floyd L. Davidson

Well, yes. I'm in the business of separating my customers from their money. As a greedy businessman, I consider it appropriate for customers to help subsidize my decadent and lavish lifestyle. So far, one person sent me $15 via PayPal for my sage advice. It's a start.

I just wanted to point out that sniffers and monitors are commonly available, even if you do have to pay for them.

Well, Ethereal is free as are the various plug-in decoders.

Here's a free JAVA based VoIP sniffer I found on Sourceforge:

formatting link
problem is that it's mostly in Italian.

Agreed. Wireless VoIP sniffing is easy enough and can be done. Also, there's a problem with some clients. The voice payload might be encrypted but the SIP setup data is by necessity unencrypted. Therefore, I can extract what phone numbers or IP's are being called, and who's originating the call, which is quite useful information.

Jeff Liebermann
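
The gap described in the post above (voice payload encrypted, SIP setup data in the clear) can be checked per call. The following is an added example, not code from the thread: the SIP messages and addresses are constructed samples and `audit_invite` is a hypothetical helper name. It reports whether signaling and media are protected and which identity headers stay readable on the wire.

```python
import re

# Constructed sample: signaling over UDP, media offered as plain RTP.
SAMPLE_INVITE = (
    "INVITE sip:bob@example.net SIP/2.0\r\n"
    "Via: SIP/2.0/UDP 192.0.2.10:5060;branch=z9hG4bK776asdhds\r\n"
    "From: \"Alice\" <sip:alice@example.com>;tag=1928301774\r\n"
    "To: <sip:bob@example.net>\r\n"
    "Call-ID: a84b4c76e66710@192.0.2.10\r\n"
    "CSeq: 314159 INVITE\r\n"
    "Content-Type: application/sdp\r\n"
    "\r\n"
    "v=0\r\n"
    "o=alice 2890844526 2890844526 IN IP4 192.0.2.10\r\n"
    "s=-\r\n"
    "c=IN IP4 192.0.2.10\r\n"
    "t=0 0\r\n"
    "m=audio 49170 RTP/AVP 0\r\n"
    "a=rtpmap:0 PCMU/8000\r\n"
)
# The case from the post: media secured (SRTP profile), signaling still clear.
MEDIA_ONLY_INVITE = SAMPLE_INVITE.replace("RTP/AVP", "RTP/SAVP")
# Both layers protected: SIP over TLS plus an SRTP media profile.
HARDENED_INVITE = MEDIA_ONLY_INVITE.replace("SIP/2.0/UDP", "SIP/2.0/TLS")

def audit_invite(raw):
    """Report which parts of one SIP INVITE are protected in transit."""
    head, _, sdp = raw.partition("\r\n\r\n")
    headers = {}
    for line in head.split("\r\n")[1:]:          # skip the request line
        name, _, value = line.partition(":")
        headers.setdefault(name.strip().lower(), value.strip())
    # Assumption: the topmost Via transport describes this hop only.
    via = re.match(r"SIP/2\.0/(\w+)", headers.get("via", ""))
    transport = via.group(1).upper() if via else "UNKNOWN"
    signaling_encrypted = transport == "TLS"
    # SRTP profiles contain "SAVP" (RTP/SAVP, RTP/SAVPF, UDP/TLS/RTP/SAVP).
    protos = re.findall(r"^m=audio \S+ (\S+)", sdp, flags=re.M)
    media_encrypted = bool(protos) and all("SAVP" in p for p in protos)
    exposed = [] if signaling_encrypted else [
        h for h in ("from", "to", "call-id") if h in headers]
    return {"transport": transport,
            "signaling_encrypted": signaling_encrypted,
            "media_encrypted": media_encrypted,
            "cleartext_identity_headers": exposed}

if __name__ == "__main__":
    for label, msg in (("plain", SAMPLE_INVITE), ("media only", MEDIA_ONLY_INVITE),
                       ("hardened", HARDENED_INVITE)):
        print(label, audit_invite(msg))
```
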

Of course not. Especially when it comes to individuals, the vast majority of credit card and identity theft is still done via old fashioned social engineering, digging through garbage, or gas station clerks who compile lists.

As far as time travel or mind reading... we'll just have to take comfort in the concept of mutually assured destruction. *Everyone* is going to have some dirt. But in the end it will probably be far more of a benefit since even the people with very weird experiences that they would never want to admit will suddenly find thousands of other people who also felt they were completely alone.

CyberDroog

In article , Brian wrote:
:> 10) There is no such thing as a secure telephone connection,
:> unless *you* provide the encryption at both ends.

:Which only goes to confirm that credit card purchases by telephone are
:foolhardy.

Are they more or less foolhardy than credit card purchases "by hand", in which your card might be taken away (restaurant) or double-swiped, or read through a "skimmer", or recorded (e.g., for recurring payment purposes) and later abused?

Walter Roberson

I was on Usenet in 84, on the older net before that, getting paid for code in the 70's, so I don't think I'm "younger".

Most people respect their mother more than their children and many people don't have children - it's about the age thing, what we find unacceptable in our moral values the newer generation is more tolerant of, and so it goes.

Leythos

You do not need to "pre-conceive" every line before the date starts. But *thinking* before talking is clearly a good idea on first dates as well as in Usenet posts.

If the "real you" spouts off without thinking, go for it! ;-)

Why not? J Edgar Hoover was wearing something like that when he made the FBI into a legend...

Well, apparently several Presidents felt somewhat that way about Hoover too.

Floyd L. Davidson

Jeff, you're dangling that word "sell" again! ;)

I don't think too many of dubious intent will be rushing to buy when there's something for free which I took as the initial concern.

Yep, quite.

However either way, my point was that VoIP capture is NOW not something that may happen in the future.

David.

David Taylor

I think you need to read more history - there are plenty of such stories.

Tony Lawrence

C'mon, Google translation services are always fun! ;)

Yes, frustratingly I have both Vonage and an alternate service. Only Vonage wants their router to be connected to the cable modem and my Sipura wants to be connected there too. I asked Vonage what the SIP account details were as the firmware is crippled and doesn't display the SIP page and although their router is a 2 POTS port, I couldn't enter my second provider for the same crippled firmware reason. I was going to simply sniff the Vonage auth data but in the end just did a bit of reconfiguration and the result works.

David.

David Taylor

Wouldn't that kind of ruin the stew? It's like going out on a first date having pre-conceived every line you will speak so that you make a good impression. That is perhaps useful as a means to an end, but rarely anything approaching the truth. Maybe our descendants would prefer a more realistic view of us just being ourselves.

Sometimes I wish we had some stories of America's founding fathers getting soused and falling off their horses. Not that I believe that having myths and legends is necessarily bad. But would we value the Declaration of Independence any less if we were to find out that Thomas Jefferson was wearing a dress and six petticoats when he wrote it?

I don't think so. In fact that would really kind of drive home the concept of the individual's right to pursue happiness.

Thomas Jefferson - a hell of a guy, and my kind of woman...

CyberDroog

I should think most people have by now heard that they should not allow waiters to take their card away. Even so, I'm sure it still happens.

Brian

Brian

At about the time of 8/3/2005 6:45 PM, Steve stated the following:

One thing that I want to point out is that if you are using a Wi-Fi hotspot, then chances are that your conversations are *NOT* secure.

The FBI recently had a demonstration where they broke 128-bit WEP security inside of 5 minutes. No SSID was being broadcast and MAC address filtering was turned on. And they did it using readily available software and equipment that everyone has access to.

If you want security over a Wi-Fi link, then use a VPN or other encryption agent.

Daniel Rudy

Why were they wasting their time and your money on that? WPA etc. were invented precisely because WEP is known to be weak.

Phil

Phil Thompson

Possibly because the vast majority of wireless LANs still run either WEP or no encryption.

David.

David Taylor

Mostly anecdotal. Since the press back then wouldn't report such stories, the facts are pretty clouded. Kind of the way that the antics of sports figures were rarely reported in the past.

CyberDroog

The original question was, "- Are my phone conversations secure over these connections?" ... and referred to "all practical purposes".....

The easy answer, which everybody seems to agree on, is that nothing is secure. Why?... because if information exists (even for an infinitesimal amount of time, and even with the strongest encryption) and it is possible to read the data stream, then the message (conversation in this case) can be considered insecure.

But, let's consider the qualifier, "all practical purposes". What is the risk? If the contents of Fort Knox were housed in an old dusty anonymous warehouse, which nobody knew about, then it would be 100% secure. Nobody would know about it so there would be no threat and no risk.

If Steve's telephone conversations are similarly "dusty" and "anonymous"... let's say boring, then likewise, they are practically secure because they will be of no interest to anyone, and even if somebody happened to overhear, the conversation would need to be of interest to the eavesdropper to even begin to carry the threat of any potential adverse consequence.

From a technical point of view, "WiFi" transmissions carrying VOIP are far more secure than conventional analogue phone traffic. Even with the proliferation of sophisticated consumer electronics, eavesdropping on digitised sound is not simple. Specific packets have to be captured, then the contents have to be reassembled and, using appropriate codecs, have to be converted back to analogue. With the addition of digital encryption the eavesdropping process, especially if carried out in real time, is impractical even if possible. Consider that the WiFi eavesdropper also needs to be within reception range and his task becomes even more difficult.

Finally, if Steve's conversations are highly confidential then he would not be asking this question here.

My answer to "...are MY phone conversations secure over these connections?" ... "for all practical purposes" ... YES

jnitron

We don't know, he didn't tell us what his conversations were about so now we'd have to make assumptions.

We don't know that, he didn't state.

Not necessarily. Let's say there were bored teenagers who made a habit of searching around for VoIP data to sniff, just to see if it *was* interesting.

I'd disagree. In order to sniff VoIP over WiFi what do I need, a laptop, an antenna and a wireless card. Everything else is free. Oh and that's the same equipment I can use for everyday networking. On the other hand, if I want to start hooking up to telephone lines, the problems are somewhat different to plopping down my laptop and attaching an antenna.

Ethereal and Vomit are free. Jeff gave other links to other tools.

That's hardly a problem with a decent antenna. People have been sniffing round for open AP's for ages, similarly screwing up Bluetooth. Maybe VoIP credit card detail hijacking is next. It's not that difficult.

We still don't know that, maybe that's why he was asking.

I don't have a problem with agreeing with that considering that you can listen to half of a mobile phone conversation any day you like by standing next to someone and depending on the earpiece volume, maybe full duplex. :)

David.

David Taylor
