[cisco-voip] 1. Re: FEMA voicemail system hacked (Bill Simon)

[FrogOnDSCP46EF]

This is really damn easy to hack into the h323 or mgcp gateway.

I setup a system where I have seen that the H323 gateway was on a real IP
address and it wasn't bind on any interface so by default it was binded on
the serial0/0. serial 0/0 interface was public interface. So h323
registration and other stuffs didn't have any security on.
So anybody can register a gateway and start routing the calls.

recently I did a few audits and found most of them didn't have a clue of
voip gatewaay opened for public registration.

Thats what happened to FEMA voicemail system.

This also could be that the contractor was involved in doing fraude. there
is a website wher eyou can sell these minutes. All u need to tell those
website is just ip addrss of the gateway /port and thats all. You will get
your commission for letting those craps know that there is a hole in the
voip system.


-- 
Smile, you'll save someone else's day!
Frog
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://puck.nether.net/pipermail/cisco-voip/attachments/20080824/c3e356bc/attachment.html>