Hacking Vonage: How To Eavesdrop On Calls
Posted in Voice Over IP on July 10th, 2006
Vonage’s subscriber growth has exploded over the past few years, but how many of those customers realize how vulnerable their calls are to eavesdropping by third parties?
Vonage, like many other VOIP providers, uses SIP for call signaling and several RTP codecs for the audio portion. Vonage goes to great lengths to encrypt the configuration files used on the ATA adapters, but NO encryption is used on the audio portion of a call. Anyone with access to the RTP packets and the proper codec can monitor and record Vonage calls. This video tutorial walks you through the process of intercepting and monitoring Vonage calls on your network.
Watch the Hacking Vonage Tutorial
Do it Yourself Prerequisites:
- Windows 2000/XP.
- Access to the same IP Subnet as the Vonage Adapter.
- A working install of Cain.
The following diagram details the network configuration used for the tutorial.