Synopsis: Blue Box #83: SIP and Asterisk vulnerabilities, voice biometrics, P2PSIP, Aircell blocking Skype, VoIP security news and more…
Welcome to Blue Box: The VoIP Security Podcast #83, a 39-minute podcast from Dan York and Jonathan Zar covering VoIP security news, comments and opinions.
NOTE: This show was recorded on September 4, 2008.
You may also listen to this podcast right now:
- 00:20 - Intro to the show, contact information and how to provide comments. Welcome to all the new listeners - and to all those listeners who have been here for so long!
- Programming notes:
- Three-year anniversary of Blue Box coming up on October 24th - any thoughts you'd like to share with us? (Please send them to us by October 23rd.)
- Remote DoS in reSIProcate
- Remote root shell in Trixbox
- Second route of VoIPShield Cisco/Avaya/Nortel vulnerabilities
- AST-2008-010 – IAX2 ‘POKE’ Resource Exhaustion
- AST-2008-011 – IAX2 Firmware Provisioning System
- Saunderslog: Squawk Box – July 10, 2008: Voice biometrics and VoiceVerified.com
- Saunderslog: Squawk Box – July 9, 2008: P2PSIP
- IETF: P2PSIP Security Requirements
- Voice of VOIPSA: “Aircell blocking VoIP on a plane” – part 1 , part 2 and an update
- Voice of VOIPSA: Shawn Merdinger’s series on “Asking The Cisco IPICS Expert” – Questions 1-5 – 6-10 – 11-15 – 16-20 – 21-25
- Voice of VOIPSA: Asterisk ‘hack’ to show blocked Caller-ID points to larger trust issues with SIP (and SpeechTEK speech)
- NetworkWorld: Georgia student arrested for hacking grades, VoIP
- CRN: Analysis: Hacking VoIP as easy as 1-2-3
- Ari Takanen starts blogging at InfoWorld
- InfoWorld: Motivation for VoIP Fuzzing
- TMCnet: How to keep your tech career afloat
- New analyst report: Security Threats Loom Over Unified Communications pointing to Light Reading report and article
- VoIP Companies to Fight For Market Share
- IEEE approves 802.11r standard
- Google Chrome – upgrading the web to be application-centric
- Items on my DisruptiveTelephony blog… Skype 5th birthday, Asterisk future, Digium/Nortel
- No comments this week.
- Review of the last week's traffic on the VOIPSEC public mailing list
- Wrap-up of the show
- 39:08 - End of show
Comments, suggestions and feedback are welcome either as replies to this post or via e-mail to email@example.com. Audio comments sent as attached MP3 files are definitely welcome and will be played in future shows. You may also call the listener comment line at either +1-415-830-5439 or via SIP to 'firstname.lastname@example.org' to leave a comment there.
Thank you for listening and please do let us know what you think of the show.