Un-Secure IP/SIP Voice Calls
Imagine getting proprietary or personal information from the IP/SIP telephone calls and then having a field day with the information.
Of course I'd be the one troubleshooting our latest SIP trunk issue. Previously, I had hopes that I could point to the carrier since I have my trusty VQM (Voice Quality Monitoring) in place. A few weeks prior, we experienced our first disconnect during a call with a customer, then a few days later call quality seemed to come and go. VQM helped me isolate the call in this case, but oddly enough, the call sounded like a satellite call with lots of background white noise as in the days of old. So I questioned why the call quality showed up as "excellent." This led us down the path to first check the router configuration (last year for 4 months we did not have QoS turned on). Even after testing again and again, call quality didn't return to the same consistency.The good folks at ADTRAN found this strange. The support engineer had me run a packet trace using WireShark (formerly Ethereal) and in 15 minutes he pegged the issue with my test calls from the packet sniff as likely a codec issue on the carrier side. The problem was isolated on the inbound side coming from the carrier to our IP-PBX. Evidence in hand I called the carrier, but their reply the next day even after I forwarded the calls (packet trace--"the evidence") was they could find no issue in their network. No surprise. There's another issue besides getting this SIP carrier to provide service.
WireShark (a free application) is a great snooping tool that sniffs packets and provides an onboard playback of those IP/SIP voice calls that you captured. I heard the conversations from the packet trace and am able to take those telephone call recordings and do with them whatever I deem; and this opens up Pandora's box of legal issues. Using one test call from the trace; I used GoldWave to convert it to an audio file here. It also means IT/ITC must maintain personnel as "trusted" advisors and it goes without saying that knowing what employees view on the web is one thing but knowing what they talk about can cause untold damage. Sensitivity is key and the legal concerns with security over voice tampering; information mining and other devious activities are probably in for a lot of challenges and test cases.
Now to get a packet trace you only need a hub or a mirrored port in a switch, a laptop and WireShark. Imagine getting proprietary or personal information from the IP/SIP telephone calls and then having a field day with the information. It's not normally the way I think but after thinking about it, it seems that now we have virtual wiretaps and because I can and I know others that have; sniffing the public Internet is pretty easy. What kind of information is being mined from packet traces?
Voice encryption is good but normally it's only working between IP-PBXs or gateways, so any public IP/SIP call is best defined as "unsecure voice." Maybe the new telephone stickers for our phones should read "WARNING--your calls maybe subject to monitoring for quality control purposes but the calls themselves are UNSECURE." Employees and more importantly executives need to be aware of the inherent security risks. Breaking into your office hurts but perhaps not as much as what leaks out, causing irreparable damages to the enterprise.Imagine getting proprietary or personal information from the IP/SIP telephone calls and then having a field day with the information.