RICHARDSON, Texas, Nov. 11 /PRNewswire/ -- Sipera Systems, the leader in real-time Unified Communications (UC) security, today announced its VIPER Lab released UCSniff, a free application that enables enterprises to determine if their VoIP networks are vulnerable to targeted eavesdropping. Jason Ostrom, Director of VIPER Lab, first publicly demonstrated UCSniff in September at the ToorCon X Conference, reviewing how administrators can validate this vulnerability, imitate an enterprise IP phone, download a corporate directory, then automatically monitor and record confidential conversations by targeting key employees and departments.
More information about the UCSniff tool is available at http://www.sipera.com/index.php?action=resources,uc_sniff, along with a link to download UCSniff, under the GPLv3 License, to test enterprise VoIP networks.
"UCSniff is an assessment tool that helps demonstrate vulnerabilities in VoIP design and implementation. It was born from the concept of combining targeted attacks against VoIP users along with the corporate directory, intelligent VLAN support, and man-in-the-middle features," said Ostrom. The security and regulatory compliance implications are significant for VoIP eavesdropping, especially given the ability for outside hackers to access corporate directories and use that information to target and automatically record conversations between CEOs, CFOs, Corporate Counsel and outside law firms or patent offices, sales executives, Human Resources, Accounts Receivable dealing with customer credit card payments, the CTO office and others.
The UCSniff tool is available now for SIP and SCCP signaling protocols. A future version will allow testing VoIP Video calls on the Windows OS. UCSniff is one of several VoIP/UC vulnerability testing applications offered by Sipera VIPER Lab, which will release others in the coming months. Over the past four years, Sipera VIPER Lab has identified thousands of VoIP and UC vulnerabilities, most of which cannot be addressed by traditional data security measures. As an educational security service to Sipera's customers and the general public, Sipera VIPER Lab releases free vulnerability testing tools, and has published threat advisories, at http://www.sipera.com/viper.
The Sipera IPCS products are comprehensive, real-time Unified Communications security solutions that simplify and protect VoIP and UC over any network and to any device. Backed by the extensive vulnerability research of Sipera VIPER Lab, the Sipera IPCS products provide threat protection, policy enforcement, access control, and privacy in a single, real-time appliance. The product family spans four systems supporting 200 to 50,000 users.
