Call Manager encryption

Discussion in 'VOIP' started by Bobby Janow, Jul 2, 2003.

  1. Bobby Janow

    Bobby Janow Guest

    Does the AVVID system have encryption on the voice phone conversations? We
    need to be able to protect calls to the police dept. from being eavesdropped
    or port copied. I saw a demo of the Avaya system today that can do it on an
    optional/mandatory level.

    Bobby Janow, Jul 2, 2003
  2. Bobby Janow

    chris Guest

    No, it does not encrypt the voice data at all. Proper use of VLANs
    will help, but not prevent someone from sniffing the call.
    chris, Jul 2, 2003
  3. Bobby Janow

    Bobby Janow Guest

    Thanks for the quick reply. I know a VLAN can segment and protect the data
    traffic at the police department. But if I have a call originating at the
    High School from the principal, going to the chief of police regarding an
    incident that happened, would the conversation be open to a knowledgeable
    student with available hacker tools? Couldn't they just port spoof or port
    forward the entire conversation thus compromising all kinds of
    confidentiality laws?

    Bobby Janow, Jul 2, 2003
  4. Bobby Janow

    chris Guest

    ARP spoofing would help them sniff the traffic, provided they had
    access to a port in the correct VLAN. Also note that the 79xx phones
    echo all of the phone data on the PC port (at least for the firmware
    loads I've seen).
    chris, Jul 4, 2003
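
As an added example (not part of the original thread): a small Python check a defender could run over ARP replies observed on the voice VLAN to flag the ARP spoofing mentioned above, by spotting an IP whose MAC binding changes and a MAC that claims several IPs. The record layout, addresses, port names and the function name are constructed for illustration.

```python
from collections import defaultdict

# Constructed sample: (seconds, sender IP, sender MAC, switch port) taken from
# ARP replies seen on a voice VLAN. All addresses are made up for illustration.
SAMPLE_ARP_REPLIES = [
    (0.0, "10.20.0.1", "00:11:22:aa:aa:01", "Gi0/1"),     # gateway
    (1.0, "10.20.0.50", "00:11:22:bb:bb:50", "Gi0/12"),   # phone
    (30.0, "10.20.0.1", "00:11:22:aa:aa:01", "Gi0/1"),
    (31.0, "10.20.0.1", "00:11:22:cc:cc:99", "Gi0/17"),   # gateway IP, new MAC
    (31.2, "10.20.0.50", "00:11:22:cc:cc:99", "Gi0/17"),  # phone IP, same new MAC
    (33.0, "10.20.0.1", "00:11:22:cc:cc:99", "Gi0/17"),
]

def find_arp_conflicts(replies):
    """Return alerts for IP-to-MAC rebinding and for one MAC claiming several IPs."""
    first_mac = {}                 # ip -> first MAC observed (treated as baseline)
    ips_by_mac = defaultdict(set)  # mac -> set of IPs it has claimed
    alerts = []
    seen = set()                   # suppress repeats of the same finding
    for ts, ip, mac, port in sorted(replies):
        mac = mac.lower()
        baseline = first_mac.setdefault(ip, mac)
        if mac != baseline and ("rebind", ip, mac) not in seen:
            seen.add(("rebind", ip, mac))
            alerts.append({"type": "rebind", "time": ts, "ip": ip,
                           "expected_mac": baseline, "seen_mac": mac, "port": port})
        ips_by_mac[mac].add(ip)
        if len(ips_by_mac[mac]) > 1 and ("multi", mac) not in seen:
            seen.add(("multi", mac))
            alerts.append({"type": "multi_ip", "time": ts, "mac": mac,
                           "ips": sorted(ips_by_mac[mac]), "port": port})
    return alerts

if __name__ == "__main__":
    for alert in find_arp_conflicts(SAMPLE_ARP_REPLIES):
        print(alert)
```

The first MAC seen for an IP is taken as the baseline here, so a legitimate address reassignment also raises a "rebind" alert and needs to be checked against DHCP or inventory records.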
  5. Bobby Janow

    Bobby Janow Guest

    Thanks again. I believe the key here is that they would need access to the
    port. The Avaya thing might just be smoke and mirrors due to the fact that
    they were in a lab setting with total access to all traffic and ports.

    Bobby Janow, Jul 6, 2003
  6. Bobby Janow

    Bobby Janow Guest

    I'll check out the webinar for sure. Avaya is using some form of encryption
    on the phone or in their call manager. They are castigating the use of VPNs
    due to the cost, complexity, and user difficulty. Cisco is talking VPN if
    you want total security. In reality, however, if someone wanted to tap a
    phone they could just clip those little doo-hickeys onto the wires outside
    like they do in the movies.

    Bobby Janow, Jul 7, 2003

  7. Sorry for the late answer. It was a no-name product. But we only
    used our phone VLAN for the demo, i.e., untagged packets.

    It doesn't affect VLAN tagging, you're right. But as some Cisco guys
    told me, the packet is switched with the tag and only at the egress port
    the tag may be removed (if this port belongs to the VLAN of the untagged
    packet). If you flood the switch you will receive that tagged packet
    on every port. So you have to have a look at the tag, remove it and
    collect every packet in a directory depending on that removed tag.
    So you can find every RTP stream and make it audible.
    Lothar Hofmann, Aug 1, 2003
