4/26/2007
Security tools from The Grugq
Thanks to colleague Mark Collier for this recent post.
The grugq Releases VoIP Attack Tools
The grugq announced availability of several VoIP testing/attack tools at the most recent HITB conference in Dubai. I haven’t had the chance to mess with them yet, but plan to over the coming months. Here is a link to a presentation describing VoIP security history, issues, and the tools:
And a link where you can download the tools:
The grugq is pretty well known as a leader in VoIP security work and the Tactical VoIP site looks to be really just ramping up to speed. I grabbed the tools myself, and have gone through the presentation from the HITB conference twice. Interesting that this caught my eye prior to being invited to go blog about the next HITB in Kuala Lumpur in September. Finding that the grugq introduced this at the recent Dubai conference.
Here’s a bit more I grabbed from the HITB site:
Increasing numbers of users are benefiting from cheaper phone calls afforded by voice over IP technology. VoIP deployments are now common place for telcos, enterprises and consumers. Despite global adoption and rollout, voip is still hampered by ineffective security, in part due to poor VoIP penetration testing. Severe limitations in the capabilities of existing VoIP assessment tools restrict the range of attacks security practitioners can perform. The Tactical VoIP Toolkit (TacVTK) radically changes the VoIP auditing game.
This talk will focus on technical VoIP security assessment techniques, using the TacVTK core tools to demonstrate basic and advanced attacks. The primary emphasis for the talk will be SIP based VoIP security. The talk includes numerous demos, as well as providing conference participants a chance to see, and get ahold of, early release versions of the TacVTK.
About The Grugq
The Grugq is a domain expert consultant on VoIP security, digital forensic analysis and reverse engineering. The Grugq has spent 7 years working with all aspects of information security, from penetration testing to solutions and product development. The Grugq’s career has seen him working for financials, security consulting companies, start-ups and, most recently, founding his own information security company.
The Grugq’s information security expertise ranges from penetration testing and source code auditting, through to rootkit technologies and advanced digital forensic analysis and investigation. Since 2001 the Grugq has been involved in active Voice over IP security research, recently completing successful audits for major European and Asian telcos.
The Grugq’s domain expertise in VoIP security has seen him present at conferences, release advisories and complete assessments for national European and major Asian telcos. Additionally, he has developed strategic whitepapers for enterprise VoIP deployments. Based on his experiences with numerous audits, the Grugq has developed a VoIP security assessment tool suite to facilitate more accurate, effective and rapid VoIP centric penetration testing.
The presentations from that conference are also available at http://conference.hitb.org/hitbsecconf2007dubai/materials/. I did notice that Lance Spitzner from the Honeynet Project who I was with earlier this week was there too.
Gives me serious pause to figure out how I can invest the time to really understand and use this toolkit. It also gives me tangible reason to revisit how I might take advantage of the invitation to attend that conference in September.
Technorati Tags: VoIP security, the grugq, HITB conference, VoIP attack tools, SIP
Filed by Ken at 5:53 pm under InfoSec, Unified Communications, VoIP/Unified Communications
