Well, you have not mentioned what type of VoIP network are you deploying - SIP/MGCP/H323/Skinny?
Secondly, 'vulnerability testing' requires definitiondepending on the network and infrastructure. What exactly are you going to test - how your firewalls pass/block voip traffic? How your application servers and endpoints react on malformed messages? Is it possible to do Man-in-the-middle attack or password sniffing/decrypting? --i.n. On 5/23/07, William Grayson <[EMAIL PROTECTED]> wrote:
Dear Wireshark- I am in the process of deploying a VoIP carrier network where I am installing Juniper M7i routers in 10 cities. What tools can I use out there to monitor voip traffic and do some vulnerability testing? I would like to pretend I am a DoS person out there attacking the network. wg -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of [EMAIL PROTECTED] Sent: Wednesday, May 23, 2007 1:17 PM To: wireshark-users@wireshark.org Subject: Wireshark-users Digest, Vol 12, Issue 45 Send Wireshark-users mailing list submissions to wireshark-users@wireshark.org To subscribe or unsubscribe via the World Wide Web, visit http://www.wireshark.org/mailman/listinfo/wireshark-users or, via email, send a message with subject or body 'help' to [EMAIL PROTECTED] You can reach the person managing the list at [EMAIL PROTECTED] When replying, please edit your Subject line so it is more specific than "Re: Contents of Wireshark-users digest..." Today's Topics: 1. Sniffing AIM traffic (Mike W) 2. Help needed on interpretation of dump (Wolfgang Heidrich) ---------------------------------------------------------------------- Message: 1 Date: Wed, 23 May 2007 11:22:52 -0400 From: "Mike W" <[EMAIL PROTECTED]> Subject: [Wireshark-users] Sniffing AIM traffic To: wireshark <wireshark-users@wireshark.org> Message-ID: <[EMAIL PROTECTED]> Content-Type: text/plain; charset="iso-8859-1" I've been playing around with Wireshark recently, attempting to get familiar with the app and with traffic analyzing. I wanted to see what would happen if I tried sniffing AIM traffic from one of the PCs on my LAN. When AIM is connecting to the oscar server directly, I'll see no AIM traffic at all. I sign on/off (I see the HTTP traffic generated by this process, but nothing else), send messages, get buddy info, etc. but Wireshark isn't picking up any AIM packets. I have the filter set to only view traffic from the host running AIM. When I route AIM through my Squid proxy, I can see everything as HTTP requests. I've gone through all my settings, which I haven't changed since installation, and can't see anything wrong with them. Is there something that I'm missing here? Am I looking at the wrong traffic? I've tried with no filters, as well as filtering by port and host. At first I thought that my NIC wasn't dropping into promiscuous mode properly or something, but I can still seea lot of traffic from other hosts on my network. I also tried sniffing from my windows machine using Wireshark, but with the same results. Any help would be very appreciated. Thank you. -------------- next part -------------- An HTML attachment was scrubbed... URL: http://www.wireshark.org/lists/wireshark-users/attachments/20070523/aebb c887/attachment.htm ------------------------------ Message: 2 Date: Wed, 23 May 2007 16:54:31 +0200 From: "Wolfgang Heidrich" <[EMAIL PROTECTED]> Subject: [Wireshark-users] Help needed on interpretation of dump To: <wireshark-users@wireshark.org> Message-ID: <[EMAIL PROTECTED]> Content-Type: text/plain; charset="iso-8859-1" Hello, although I have disabled all which look like "windows is phoning home" I found an irritating entry in last nights dump - starting from line 426 onwards. As there is something mentioned like redirect, do I have malware on my PC? Who can help me? The dump-file is attached. If someone finds other irregularites, please inform me as I am a starter with wireshark. rgds akelus -------------- next part -------------- A non-text attachment was scrubbed... Name: dump9.cap Type: application/octet-stream Size: 558539 bytes Desc: not available Url : http://www.wireshark.org/lists/wireshark-users/attachments/20070523/f412 2417/attachment.obj ------------------------------ _______________________________________________ Wireshark-users mailing list Wireshark-users@wireshark.org http://www.wireshark.org/mailman/listinfo/wireshark-users End of Wireshark-users Digest, Vol 12, Issue 45 *********************************************** _______________________________________________ Wireshark-users mailing list Wireshark-users@wireshark.org http://www.wireshark.org/mailman/listinfo/wireshark-users
-- I.N.
_______________________________________________ Wireshark-users mailing list Wireshark-users@wireshark.org http://www.wireshark.org/mailman/listinfo/wireshark-users
