Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

Eavesdropping a Cisco IP phone

Hello,

I have someone that is concerned about his phone being listening in on. I'm looking for a cisco document that describes all the ways that this could possibly be done.

If anyone has any suggestions on how to ease this persons concerns please let me know. Thanks

Jason

  • IP Telephony
7 REPLIES

Re: Eavesdropping a Cisco IP phone

Hi Jason,

This can be done by anyone that has access to a network device between his endpoint and the RTP stream where it terminates (gateway, MTP, another phone).

This is normally done via a SPAN session. It is possible to rebuild G.711 calls with free software very easily (Wireshark).

This isn't like analog telephony where the wire may make noises or give any indication that people are listening.

This would just be packets being copied over to another interface - which is entirely silent and undetectable unless you look at the switch configurations.

You can try configuring SRTP for your system, so that even if someone does sniff the traffic, they can't do anything with it.

hth,

nick

Re: Eavesdropping a Cisco IP phone

Nick,

Thanks for the reply. Is there any Cisco documentation that would talk about anything like this.

I was also thinking about other methods such as the barge feature any others that you can think of that could potentialy allow for listening in on a conversation. Thanks for your help

Jason

New Member

Re: Eavesdropping a Cisco IP phone

I am also interested in this subject. I heard about the eavesdropping vulnerability discussed in http://www.cisco.com/warp/public/707/cisco-sr-20071128-phone.shtml Do you know whether there are any other attack vectors other than HTTP - like via SCCP or an SDK application for example ?

Hall of Fame Super Gold

Re: Eavesdropping a Cisco IP phone

Hi, summarizing:

1. If the call goes via PSTN at any point is not possible to protect confidentiality in any way, because there is always the possibility of wiretap inside or outside premises. You will notice that in fact this type of calls are the ones about what people is mostly worried.

2. If the call goes via VoIP exclusively, the only way to ensure confidentiality is to configure SRTP, that cyper the voice strame and will make a lock appear in the phone display. All other methods can be defeated by skilled attackers and of course by malicious system administrators.

3. Really motivated attackers do not care about wiretapping the line or the phone. They use "evironmental bugs" in the room or elsewhere.

I know that all this can seem to go a little overboard, but it's simply the truth, then it's up to you to decide how to present it to your concerned user.

Re: Eavesdropping a Cisco IP phone

Hello,

I agree with your assesment. The only real way would be to use SRTP every where. Do you know of any Cisco documents that may talk about the security vulnerabilities?

Also any callmanager features that would make this possible. One I though of was the barge feature. Thanks for your help.

Jason

Hall of Fame Super Gold

Re: Eavesdropping a Cisco IP phone

Jason, as far as I know here are no known vulnerabilities in cisco's SRTP.

I would look at CM's SRND for an implementation guide.

What I want to bring your attention to, is point 1 of my previous post.

When realizing that wiretapping can always happen at PSTN level, most users are willing to renounce to the incomplete protection available with encryption in network, consequently relieving the system administrator from the burden of configuring and maintaining it. Security comes at a price!

Re: Eavesdropping a Cisco IP phone

Hi Jason,

SRTP is not something to be taken lightly. The configuration can become very overwhelming very quickly. And even then, there will be so many things that you cannot encrypt that the entire process becomes very questionable whether it was worth the effort or not.

SRTP implementation is generally used by large organizations / government that have no room for error or security breaches.

And that's not going to stop anyone from doing things in the 'physical' world like pointing listening devices at your users or putting 'bugs' in the room.

There are some features for IPCC that allow this to happen. Otherwise, every other feature notifies the user that someone is listening.

If you make sure your switches haven't been compromised, you should be fine.

hth,

nick

277
Views
10
Helpful
7
Replies
This widget could not be displayed.