caller id

[Jeremy George <>]

Folks,

  Kevin Mitnick, in the Art of Deception, describes a scam in which a
Meridian PBX engineer falsified caller id information.  Which got me
to thinking.  I routinely reset outbound caller id information at our
ip-pbx gateway.  For seven digit calls I add Yale's prefix (43) to the
original 6XXXX turning the calling number into 436XXXX.  For 10 digit
calls I add 20343.  Pretty standard stuff.

  The point?  Anyone with access to the ip-pbx gateway or in some cases
the proxy could make a call appear to come from anywhere, internal to
any enterprise.  In fact, anyone smart enough to forge the contents of
a sip packet could do this.  Moreover, a sip caller could actually be
located anywhere, globally.  An excellent way to gain credibility at
the start of a scam.  Although it's been fun today making calls appear
to come from CIA headquarters, it's possible that DOS attacks will be
the least of our security worries.

  I guess this won't come as a shock to pbx engineers but I'd never
put on an attacker's hat and so it was a surprise to me.  At some point
we really need to sit down with security folks.

- Jeremy

-- 

---------------------------------------------------------------wg-voip-+
For list utilities, archives, subscribe, unsubscribe, etc. please visit the
ListProc web interface at 

    http://archives.internet2.edu/

---------------------------------------------------------------wg-voip--