Dr. I Doctor's Informational Juggernaut
Voice over IP (VoIP) is now a wildly popular technology, thanks to companies like Vonage and Skype. Who doesn't want to make cheap phone calls? But along with the low-cost advantage comes a high-cost risk that many IT managers overlook: security. Unlike Plain Old Telephone Service (POTS), which runs over copper wires through the phone company, VoIP travels over the insecure Internet and is thus subject to a number of unique threats.
Not that the Public Switched Telephone Network (PSTN) is impenetrable. It's not uncommon to find ready access to corporate phone closets and outside telco cross-connect points where phone taps can be easily installed. But POTS tappers do have to gain physical access to the copper lines, which means they likely won't be tapping your phone from, say, Moscow. VoIP, on the other hand, can be snatched out of the air from anywhere in the world, under the right circumstances. And those circumstances are more prevalent than you might think.
An open-source diagnostic tool with the unsavory name of VOMIT (Voice Over Misconfigured Internet Telephones) can be readily used to reconstruct VoIP conversations from tcpdump capture files, which brings the skill level required to tap VoIP down to script-kiddie-simple. Script kiddies, if you don't already know, are the unknowledgeable hacker wannabes who use off-the-shelf tools to crack networks without having any real skill themselves.
VOMIT converts a captured phone call into an ordinary .wav file, which can then be readily stored, e-mailed, posted on Web sites, and used to torment or extort money from victims.
Here's all a script kiddie needs to type to listen to your phone call:
$ vomit -r phone.dump | waveplay -S8000 -B16 -C1
VOMIT isn't the only VoIP tool hackers can employ to tap Internet calls, but it's one of the easiest to use. True, the hacker has to first get a tcpdump capture of the call, but that's not difficult to accomplish in this day and age. A single compromised host anywhere along the path the VoIP call takes is all that is needed. That could happen at an intervening ISP, in the call recipient's network, or even on your own network. The widely available tcpdump utility is all an enterprising script kiddie needs.
So what's the solution? Encryption, of course. "But I thought VoIP was already encrypted!" Think again, Kimosabe. Although the VoIP standard Session Initiation Protocol (SIP) supports encryption, virtually nobody enables it because it's complex to set up and CPU-intensive. Commodity VoIP carriers simply can't afford the latency and computational expense encryption imposes. In a marketplace where sound quality is king, these providers quietly sweep VoIP security issues under the rug. In enterprise VoIP deployments, the need to establish a Public Key Infrastructure (PKI) is a hurdle most IT pros run around rather than leap over.
SIP's end-to-end encryption specification is called Secure Real-time Transport Protocol, or S-RTP. To use S-RTP, all parties to a VoIP call (or the associated VoIP-to-PSTN gateways) must be part of the same PKI. This is the only way to secure commercial VoIP products deployed in the enterprise today, and it should be a minimum practice for all private VoIP deployments.
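To verify that a deployment really negotiates S-RTP, you can audit the SDP bodies carried in its SIP signaling. The sketch below is an added example, not code from the original post or from any VoIP product; it flags media streams offered as plain RTP or offered under a secure profile with no keying attribute. It assumes keying is advertised in SDP (`a=crypto` or `a=fingerprint`) rather than through the PKI arrangement described above, and the sample offers are constructed.

```python
# Added example: audit SDP bodies (from SIP INVITE / 200 OK) for unprotected media.
# Profile names are the IANA-registered SDP "proto" values; sample SDP is constructed.
SECURE_PROFILES = {"RTP/SAVP", "RTP/SAVPF", "UDP/TLS/RTP/SAVP", "UDP/TLS/RTP/SAVPF"}
KEY_ATTRS = ("a=crypto:", "a=fingerprint:")  # SDES key or DTLS-SRTP fingerprint

PLAINTEXT_OFFER = """v=0
o=alice 1 1 IN IP4 192.0.2.10
s=-
c=IN IP4 192.0.2.10
t=0 0
m=audio 49170 RTP/AVP 0 8
a=rtpmap:0 PCMU/8000
"""

MIXED_OFFER = """v=0
o=bob 2 2 IN IP4 192.0.2.20
s=-
c=IN IP4 192.0.2.20
t=0 0
m=audio 49172 RTP/SAVP 0
a=crypto:1 AES_CM_128_HMAC_SHA1_80 inline:CONSTRUCTED-PLACEHOLDER-KEY
m=video 49174 RTP/SAVP 96
a=rtpmap:96 H264/90000
"""

def audit_sdp(sdp):
    """Return one dict per active m= line; 'encrypted' needs a secure profile AND keying."""
    streams, current, seen_media, session_keyed = [], None, False, False
    for line in (raw.strip() for raw in sdp.splitlines()):
        if line.startswith("m="):
            parts, current, seen_media = line[2:].split(), None, True
            if len(parts) >= 3 and parts[1].split("/")[0] != "0":  # port 0 = rejected
                current = {"media": parts[0], "profile": parts[2].upper(),
                           "keyed": session_keyed}
                streams.append(current)
        elif line.startswith(KEY_ATTRS):
            if not seen_media:
                session_keyed = True      # session-level attribute covers all media
            elif current is not None:
                current["keyed"] = True
    for s in streams:
        s["encrypted"] = s["profile"] in SECURE_PROFILES and s["keyed"]
    return streams

def unprotected(sdp):
    """Media types that would cross the network as cleartext RTP or without keys."""
    return [s["media"] for s in audit_sdp(sdp) if not s["encrypted"]]

if __name__ == "__main__":
    for name, sdp in (("plaintext", PLAINTEXT_OFFER), ("mixed", MIXED_OFFER)):
        print(name, "->", unprotected(sdp) or "all media protected")
```

The video stream in the second sample is reported even though it names a secure profile, because no key material accompanies it.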
But what about so-called non-commercial VoIP, specifically Skype? The good news is that Skype does use robust encryption: the Advanced Encryption Standard (AES) algorithm with 256-bit keys. Skype is actually quasi-commercial, since peer-to-peer calls between Skype users do not consume bandwidth on Skype's network. You pay for service only when one of the calling parties is on a POTS line, which must be routed through a Skype PSTN gateway. Skype implements a PKI to distribute encryption keys but then offloads the encryption to end-user computers, cleverly circumventing the most significant barrier to secure VoIP.
What's involved in building your own PKI? You can do it all yourself using open-source tools, such as IDX-PKI, or employ commercial services such as TransNexus. The open-source approach is tedious, especially if you're not a Unix guru; you may find commercial PKI products well worth their modest cost.
Commercial VoIP providers using hardware VoIP adapters will have to upgrade that hardware to support S-RTP, an unlikely proposition given the extremely competitive VoIP market -- unless users demand encryption.
Phil Zimmermann, the father of free encryption and a cyber-security folk hero, says he's working on a fix to the PKI problem. Zimmermann doesn't believe PKI is necessary for most VoIP calls, and is developing a program to secure VoIP calls without it. The program -- initially implemented for Macintosh but portable to Windows -- is still in testing, however, and Zimmermann says he won't release it until it's in better shape.
So the Pretty Good Practice for VoIP security boils down to this: Most commercial VoIP services are insecure, but Skype is safely encrypted. And if you're building your own VoIP network, enable S-RTP and build a PKI to go with it.
Posted by mbeckman on July 27, 2005 at 9:52 AM | Comments (1)
