SPIT Attack at Columbia University
Written by martyndavies on Jul 23, 2007 - 08:27 AM
One piece of interesting news from the IPTComm 2007 conference last week, was that Columbia University (CU) had just suffered its own SPAM over Internet Telephony (SPIT) attack.
CU are just in the process of switching over to VoIP across campus for all telephony, and they are running a pilot rollout right now. According to Henning Schulzrinne, Prof. at CU and the inventor of SIP, someone got access through the proxy, and then was able to automatically dial to all available extensions. When phones were answered, a pre-recorded message was played out.
The problem was reported by users on the VoIP pilot programme, and had a minimal effect on the telephone system at CU. This kind of attack is not hard to achieve (for example see the recent book Hacking Exposed VoIP), so it is likely we will see many more examples in the future.
CU are just in the process of switching over to VoIP across campus for all telephony, and they are running a pilot rollout right now. According to Henning Schulzrinne, Prof. at CU and the inventor of SIP, someone got access through the proxy, and then was able to automatically dial to all available extensions. When phones were answered, a pre-recorded message was played out.
The problem was reported by users on the VoIP pilot programme, and had a minimal effect on the telephone system at CU. This kind of attack is not hard to achieve (for example see the recent book Hacking Exposed VoIP), so it is likely we will see many more examples in the future.
| Forum Rules and Guidelines | About VoIP User | Privacy Policy |
All logos and trademarks in this site are property of their respective owner. Comments and posts are property of the poster, all the rest (c) 2003-2006 VoIP User. No part of this site may be reproduced without our prior consent. |
