English

VoIP Can Still Be Exploited -- Badly

Cryptography and Security 2021-12-01 v1

Abstract

VoIP phones are early representatives as well as present enhancers of the IoT. This paper observes that they are still widely used in a traditional, unsecured configuration and demonstrates the Phonejack family of attacks: Phonejack 1 conjectures the exploitation of phone vulnerabilities; Phonejack 2 demonstrates how to mount a denial-of-service attack on a network of phones; Phonejack 3 sniffs calls. It is reassuring, however, that inexpensive devices such as a Raspberry Pi can be configured and programmed as effective countermeasures, thus supporting the approach of integrating both technologies. We demonstrate both attacks and defence measures in a video clip. The concluding evaluations argue that trusting the underlying network security measures may turn out overly optimistic; moreover, VoIP phones really ought to be protected as laptops routinely are today

Cite

@article{arxiv.2111.15468,
  title  = {VoIP Can Still Be Exploited -- Badly},
  author = {Pietro Biondi and Stefano Bognanni and Giampaolo Bella},
  journal= {arXiv preprint arXiv:2111.15468},
  year   = {2021}
}
R2 v1 2026-06-24T07:57:54.715Z