Comments on: VoIP Hopper – VLAN Hopping Tool http://www.darknet.org.uk/2008/01/voip-hopper-vlan-hopping-tool/ Ethical Hacking, Penetration Testing & Computer Security Tue, 14 Feb 2012 00:17:07 +0000 hourly 1 http://wordpress.org/?v=3.3.1 By: eM3rC http://www.darknet.org.uk/2008/01/voip-hopper-vlan-hopping-tool/#comment-111179 eM3rC Thu, 14 Feb 2008 08:20:28 +0000 http://www.darknet.org.uk/2008/01/voip-hopper-vlan-hopping-tool/#comment-111179 @agentphunk All I can say is I bow down to you sir... It now seems so much clearer yet more complicated. I think I'll plead ignorant due to the fact I haven't actually gone into working in the computer field yet. @Darknet agentphunk's post should be stickied or something just so other people can learn the ways of VoIP @agentphunk
All I can say is I bow down to you sir… It now seems so much clearer yet more complicated.

I think I’ll plead ignorant due to the fact I haven’t actually gone into working in the computer field yet.

@Darknet
agentphunk’s post should be stickied or something just so other people can learn the ways of VoIP

]]> By: agentphunk http://www.darknet.org.uk/2008/01/voip-hopper-vlan-hopping-tool/#comment-111096 agentphunk Thu, 14 Feb 2008 05:05:43 +0000 http://www.darknet.org.uk/2008/01/voip-hopper-vlan-hopping-tool/#comment-111096 eM3rC: Close but not quite. I think you're thinking about voip providers like Vonage and perhaps Skype, which do send packets over the internet. This tool is for 'enterprise' VoIP, which is anything BUT cheap and packets usually don't traverse the Internet. Companies used to run and support two infrastructures - data and voice, each with its own routing/switching gear, circuits, cabling, dedicated support teams, different vendors, etc. The two infrastructures didn't co-mingle that much. VoIP basically does away with the traditional voice infrastructure by digitizing the audio (with a particular codec, for example G.729 or G.711) and stuffing that into routable IP packets. Essentially voice is just another application running across your network. However, its a 'latency-sensitive' application that doesn't like getting delayed, AT ALL, from point A to point B. So although voice and data are 'riding the same pipe' you want to be smart about it and segment or differentiate the two types of traffic. Thats where the two VLANs come in: you want your PCs, printers, servers, etc in one subnet / VLAN / 'broadcast domain' and your telephony (pronounced tell-eph-O-ni, not telly-phony!) devices in another (no need for your phones to hear all of those damn NetBios broadcasts, right? Plus, you might have 100-200 data devices in a subnet, so that means maybe 100-200 users, which translates to maybe 100-200 phones. That adds up to 500 devices in one subnet - not good.) So you're going to have a Data VLAN and a Voice VLAN in most enterprise networks, with different IP addressing schemes for each. You'll also apply QoS (quality of service) settings differently for each subnet, because again you want to ensure your voice packets get priority over big clunky data packets). If you're -really- interested I can elaborate on the process by which a phone winds up the voice vlan (the tool's description is 100% accurate, though) but once its there it 'Tags' each voice packet using a mechanism called 802.1Q trunking. Each switchport is configured with a 'native' VLAN (the data vlan, with no trunking) and a voice vlan that can only be 'accessed' when the packets are 'wrapped' inside of an 802.1Q packet. So this isn't about frequencies - its about a way for the IP phones to differentiate themselves from the 'native' data vlan, and get all of the added benefits that come with that (specifically the QoS markings that are used 'upstream' at the routers to prioritize voice traffic over data traffic, but there's other benefits too.) So what the tool is doing is listening to the mechanism by which a phone learns what the voice VLAN is, and then allowing your PC to do the same thing. The immediate benefit would be that your packets would get that preferential treatment as they cross the corporate wide area network (super fast web surfing!) but in some environments there might be ACL's on the data vlans that aren't on voice, perhaps giving you access to voice-infrastructure devices like PBXs etc.) HOWEVER, that's going to get you noticed fairly quickly, I think. Phones talk to other phones and PBXs, not to YouTube and Team Fortress servers. Voip traffic is fairly lightweight - and predominantly UDP not TCP. The network guys (e.g. Me!) have reserved a specific percentage of bandwidth for voice traffic and usually watch that pretty closely. Bottom line: looks like an interesting utility but read up on enterprise voip before you use it at work. You can't claim ignorance on this one; if I caught you using it at my company I'd probably lobby to get you fired :-) eM3rC: Close but not quite. I think you’re thinking about voip providers like Vonage and perhaps Skype, which do send packets over the internet. This tool is for ‘enterprise’ VoIP, which is anything BUT cheap and packets usually don’t traverse the Internet. Companies used to run and support two infrastructures – data and voice, each with its own routing/switching gear, circuits, cabling, dedicated support teams, different vendors, etc. The two infrastructures didn’t co-mingle that much. VoIP basically does away with the traditional voice infrastructure by digitizing the audio (with a particular codec, for example G.729 or G.711) and stuffing that into routable IP packets. Essentially voice is just another application running across your network. However, its a ‘latency-sensitive’ application that doesn’t like getting delayed, AT ALL, from point A to point B. So although voice and data are ‘riding the same pipe’ you want to be smart about it and segment or differentiate the two types of traffic. Thats where the two VLANs come in: you want your PCs, printers, servers, etc in one subnet / VLAN / ‘broadcast domain’ and your telephony (pronounced tell-eph-O-ni, not telly-phony!) devices in another (no need for your phones to hear all of those damn NetBios broadcasts, right? Plus, you might have 100-200 data devices in a subnet, so that means maybe 100-200 users, which translates to maybe 100-200 phones. That adds up to 500 devices in one subnet – not good.) So you’re going to have a Data VLAN and a Voice VLAN in most enterprise networks, with different IP addressing schemes for each. You’ll also apply QoS (quality of service) settings differently for each subnet, because again you want to ensure your voice packets get priority over big clunky data packets). If you’re -really- interested I can elaborate on the process by which a phone winds up the voice vlan (the tool’s description is 100% accurate, though) but once its there it ‘Tags’ each voice packet using a mechanism called 802.1Q trunking. Each switchport is configured with a ‘native’ VLAN (the data vlan, with no trunking) and a voice vlan that can only be ‘accessed’ when the packets are ‘wrapped’ inside of an 802.1Q packet. So this isn’t about frequencies – its about a way for the IP phones to differentiate themselves from the ‘native’ data vlan, and get all of the added benefits that come with that (specifically the QoS markings that are used ‘upstream’ at the routers to prioritize voice traffic over data traffic, but there’s other benefits too.)

So what the tool is doing is listening to the mechanism by which a phone learns what the voice VLAN is, and then allowing your PC to do the same thing. The immediate benefit would be that your packets would get that preferential treatment as they cross the corporate wide area network (super fast web surfing!) but in some environments there might be ACL’s on the data vlans that aren’t on voice, perhaps giving you access to voice-infrastructure devices like PBXs etc.)

HOWEVER, that’s going to get you noticed fairly quickly, I think. Phones talk to other phones and PBXs, not to YouTube and Team Fortress servers. Voip traffic is fairly lightweight – and predominantly UDP not TCP. The network guys (e.g. Me!) have reserved a specific percentage of bandwidth for voice traffic and usually watch that pretty closely.

Bottom line: looks like an interesting utility but read up on enterprise voip before you use it at work. You can’t claim ignorance on this one; if I caught you using it at my company I’d probably lobby to get you fired :-)

]]> By: eM3rC http://www.darknet.org.uk/2008/01/voip-hopper-vlan-hopping-tool/#comment-108957 eM3rC Sat, 09 Feb 2008 08:43:33 +0000 http://www.darknet.org.uk/2008/01/voip-hopper-vlan-hopping-tool/#comment-108957 Thanks for the translation Pantagruel! It seems like VoIP would be a good system to use because of the low price and reliable service. Could someone confirm that this is how it works? Basically the internet is broad casted over one frequency of the LAN line while the information used for the VoIP service is transmitted over a different frequency hence allowing the information to travel over both lines without interference. (Although I am not sure why someone is required to use those filters when you install DSL). Thanks for the translation Pantagruel!

It seems like VoIP would be a good system to use because of the low price and reliable service.

Could someone confirm that this is how it works? Basically the internet is broad casted over one frequency of the LAN line while the information used for the VoIP service is transmitted over a different frequency hence allowing the information to travel over both lines without interference. (Although I am not sure why someone is required to use those filters when you install DSL).

]]> By: Pantagruel http://www.darknet.org.uk/2008/01/voip-hopper-vlan-hopping-tool/#comment-108630 Pantagruel Fri, 08 Feb 2008 12:45:17 +0000 http://www.darknet.org.uk/2008/01/voip-hopper-vlan-hopping-tool/#comment-108630 Stefans Home said: Easy entry into VoIP-lans... The main reasons why VoIP is usually sold, is the fact that one can use the already available ethernet structure for both voice and data transport. It is commonplace to separate your data net from the voice net by the use of VLANs (virtual lans). We have an Avaya based VoIP system at work, it worked quite well and the 'holes' where pluged Stefans Home said:

Easy entry into VoIP-lans…

The main reasons why VoIP is usually sold, is the fact that one can use the already available ethernet structure for both voice and data transport. It is commonplace to separate your data net from the voice net by the use of VLANs (virtual lans).

We have an Avaya based VoIP system at work, it worked quite well and the ‘holes’ where pluged

]]> By: eM3rC http://www.darknet.org.uk/2008/01/voip-hopper-vlan-hopping-tool/#comment-108147 eM3rC Thu, 07 Feb 2008 05:30:50 +0000 http://www.darknet.org.uk/2008/01/voip-hopper-vlan-hopping-tool/#comment-108147 Seems like it would be a fun thing to play with. Anyone know what Stefans Home said? Seems like it would be a fun thing to play with.

Anyone know what Stefans Home said?

]]> By: goodpeople http://www.darknet.org.uk/2008/01/voip-hopper-vlan-hopping-tool/#comment-98419 goodpeople Tue, 15 Jan 2008 16:58:27 +0000 http://www.darknet.org.uk/2008/01/voip-hopper-vlan-hopping-tool/#comment-98419 I've never had the opportunity to play in a voip environment. But this sounds like a usefull tool.. I’ve never had the opportunity to play in a voip environment. But this sounds like a usefull tool..

]]> By: Stefans Home http://www.darknet.org.uk/2008/01/voip-hopper-vlan-hopping-tool/#comment-98141 Stefans Home Mon, 14 Jan 2008 11:10:38 +0000 http://www.darknet.org.uk/2008/01/voip-hopper-vlan-hopping-tool/#comment-98141 <strong>Komfortabler Einstieg in VoIP-VLANs...</strong> Der Vorteil, mit dem VoIP h Komfortabler Einstieg in VoIP-VLANs…

Der Vorteil, mit dem VoIP h

]]>