Sign up
 Vonage  

       
 
Vonage Forum Menu

Vonage Forums
Vonage VoIP Forum
AaronzKix Posted:
impotence forum
viagra black
viagra without
prescription
is viagra the
...

In The Forum:
Vonage
Topic:
Allow low-priced pill generic no remedy
On Jan 15, 2017 at 14:09:05

Bobbiedet Posted:
rz7433bw6925 <a
href="
http://lev365.com
">buy
levitra</a>
...

In The Forum:
Vonage
Topic:
levitra online specials
On Jan 15, 2017 at 10:43:27

Bobbiedet Posted:
rs7458 et409
payday loan online
wk2018 gs2575
xs7015 online
pharmacy nz2685
...

In The Forum:
Vonage
Topic:
genpharma finasteride hair loss
On Jan 15, 2017 at 07:49:31

Bobbiedet Posted:
ok3155rc7615 <a
href="
http://buy-viagra-
iner.com ">buy
cheap
viagra</a>
...

In The Forum:
Vonage
Topic:
buy levitra computer
On Jan 14, 2017 at 15:59:29

Ridgepr Posted:
...
In The Forum:
Vonage
Topic:
The best essay writing service. 11895 likes!
On Jan 14, 2017 at 10:28:23

Bobbiedet Posted:
lt5426yd9443 <a
href="
http://ciali3.com
">online
pharmacy</a>
...

In The Forum:
Vonage
Topic:
diabetes cialis tablets
On Jan 14, 2017 at 09:36:32

GalenSi Posted:
...
In The Forum:
Vonage
Topic:
IMHO, the best paper writing service. 17906 likes!
On Jan 14, 2017 at 09:30:36

Bobbiedet Posted:
ha3824
http://buy-viagra-
iner.com pfizer
viagra
pa6398do9843
pd3587
http://paydl01.com
...

In The Forum:
Vonage
Topic:
online pharmacy viagra
On Jan 14, 2017 at 06:47:30

Bobbiedet Posted:
fs4995 xs3447
ohio payday ballot
ks7793 af9602
vw1425 buy cheap
levitra wp526
...

In The Forum:
Vonage
Topic:
buy cialis online mexico
On Jan 14, 2017 at 02:26:14

KrystalDog Posted:
Buy Trileptal
Online Saturday
Delivery ->
Trileptal
overnight no
consult
...

In The Forum:
Vonage
Topic:
Buy Trileptal Online Saturday Delivery -> Trileptal overn
On Jan 13, 2017 at 14:05:35


Vonage VoIP Forums

Vonage In The News
Vonage Holdings Corp. Reports Fourth Quarter and Full Year 2013 Results

Carolyn Katz Elected to Board of Directors of Vonage Holdings Corp.

Syndication

Vonage Customer Reviews
Vonage vs. Time Warner Cable SoCal
Vonage vs. Time Warner Cable SoCal



Vonage UK Review
Vonage UK Review



Vonage Pros and Cons for 2006
Vonage Pros and Cons for 2006



Vonage, a VT2142 and a RTP300, My Experiences - A Detailed Review
Vonage, a VT2142 and a RTP300, My Experiences - A Detailed Review



Salt Lake City: impressions after several months
Salt Lake City: impressions after several months




Vonage Reviews


Post new topic   Reply to topic  Vonage® VoIP Forum - Vonage News, Reviews And Discussion » Vonage Forum Archive
Author Message
Robbo
New Forum Member
New Forum Member


Joined: Jun 18, 2003
Posts: 3

PostPosted: Tue Aug 19, 2003 1:25 am    Post subject: Security Advisory Reply with quote Back to top

Has anyone seen this? Can't find a response from Vonage. Should I be worried?
Shocked
---------
Original Advisory: Wednesday, August 13, 2003

Severity: Medium - High

Description: An attacker using the Voip (Voice Over IP) carrier Vonage,
has the ability to spoof the caller ID of a called party through the three-
way calling feature. This trick essentially acts similar to a POTS-based
diverter, as it allows the attacker to carry out illicit telephone
activities while hiding his or her phone number.

Version: This was tested using Cisco Systems' ATA 186 Voip hardware on the
Vonage carrier.

Author: Nathan Wosnack



Vonage Background:

"Using an existing high-speed Internet connection, Vonage technology
enables anyone to make and receive phone calls - worldwide - with a touch-
tone telephone. Offering quality phone service bundled with enhanced IP
communications services, our interactive communications portal is a
gateway to advanced features only available through digital telephone
service. Utilizing our global network and advanced routing technologies,
Vonage offers an innovative, feature-rich and cost effective alternative
to traditional telephony services."


Description of the problem:

By using SIP-enabled voice over IP (VOIP) hardware such as the Cisco ATA
186 Analog Telephone Adaptor, it's possible to spoof the caller
identification that shows up on a call. The attacker only needs to call up
a regular phone line (POTS - plain old telephone service), place the
caller on hold, flash over to a dial tone using the threeway call feature,
and then call a second party for this to work. The caller ID information
that tends to show up is the first called party's telephone number with
either their name listed or "unknown name" showing on a conventional
caller-id enabled telephone. The opportunity for abuse is high and could
allow the determined attacker to social engineer your telephone, cable, or
utility company into modifying your services. Since many companies only
require the person's name, address, and caller id for account
authentication, this vulnerability helps the attacker. The other
opportunities this vulnerability gives the attacker is the ability to
spoof anyone's caller id information for phone hacking (often
called "phreaking"); such as breaking into voice mail accounts and PBX
exploitation for the purpose of proprietary information gathering and
telephone fraud.


Solutions to the problem:

This issue is something that Vonage will need to investigate on their end.
The proper routing of caller id information after a third-party call is
initiated is the problem, and needs to be resolved by the Vonage IT staff
figuring out why their Voip switching equipment doesn't pass this data
properly. The Hypervivid Solutions staff has contacted Vonage directly
about this issue, so it can hopefully be resolved shortly.

For everyone else, your best defense is to be aware of who is calling you.
If you happen to receive a phone call from an unknown party who wants to
place you on hold, hang up immediately and then call them back.
If you hear a recording telling you the number is not in service, then
you've likely reached a Vonage gateway number, which mean you were likely
called by someone attempting to exploit this Vonage Voip vulnerability.


Conclusion:

In the past year, Voice over IP telephony has seen many security issues.
The Voip issues range from vendor implementations of the Session
Initiation Protocol (SIP), problems with remote-accessible code which can
be exploited to cause a denial of service, Voip phones that are weak in
ways that facilitate man-in-the-middle attacks directed at intercepting
telephone traffic, and most recently 3-way caller ID spoofing on Vonage.

When the information security community works closely with vendors and
carriers, these problems can be resolved quickly and efficiently enough to
limit or even eliminate any abuse by phone phreaks and criminals.


Related Links:


http://www.hypervivid.com/ - Information, Telecom and Wireless Security
Consulting Firm.


Vendor Contact:

http://www.cisco.com/ - Cisco Systems, Inc. Manufacturer.
http://www.vonage.com/ - American Voip telecom carrier.
View user's profile Send private message Visit poster's website
g
Guest





PostPosted: Tue Feb 03, 2004 11:41 pm    Post subject: firmware Reply with quote Back to top

don't have the service but thought this was fixed in the next firmware upgrade for the cisco ata
spoofing
New Forum Member
New Forum Member


Joined: Feb 05, 2005
Posts: 2

PostPosted: Sat Feb 05, 2005 10:57 pm    Post subject: Fake caller id Reply with quote Back to top

Go to www.covertcall.com/6133

this site offers caller id spoofing.

check it out. only 5 cents a minute...

there is a free test you can do.

so goto the link, register your phone number and call your self off the test to see different numbers come up on your caller id.

when you register though, know that your using your phone number, and u wont be able to register that # again.
View user's profile Send private message
DarKev
Vonage Forum Evangelist
Vonage Forum Evangelist


Joined: Jan 25, 2005
Posts: 336
Location: Gatineau, QC

PostPosted: Sun Feb 06, 2005 1:28 am    Post subject: Reply with quote Back to top

The Caller Id spoofing was happening with Call Transfer (announcement). The feature was activated using #91. It was not the 3-way calling feature that was causing the spoofing.

Over the past couple of months, Vonage has disabled #91 from doing this. So we all have nothing to worry about.
View user's profile Send private message
matth
Vonage Forum Master
Vonage Forum Master


Joined: Dec 07, 2004
Posts: 281
Location: Williamsport, PA

PostPosted: Sun Feb 06, 2005 8:50 pm    Post subject: Reply with quote Back to top

Yeah you can do this with camophone.com too. This is nothing new. Infact you can do it with most any PBX system. BUT remember... you are spoofing CID... ANI is what the phone company uses for things such as call tracking and 800 numbers... so you really aren't spoofing anything that hasn't been done before.. and this is not a huge deal.
View user's profile Send private message Visit poster's website AIM Address
covertcalling
New Forum Member
New Forum Member


Joined: Mar 09, 2005
Posts: 1

PostPosted: Wed Mar 09, 2005 1:32 am    Post subject: Reply with quote Back to top

I have personally used the service www.highvolumetraffic.com to spoof my caller id, and get into other cellphone voicemail accounts with ease...

Its not about the fact that this technology has been around, its about how easy it is for anyone who doesnt want to buy their own pbx system and pay through the nose to the phone company for the dedicated line. Or mess with their Voip hardware, etc... Easy end user access...
View user's profile Send private message
Display posts from previous:   
Post new topic   Reply to topic

You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum


All times are GMT - 5 Hours

Vonage Service Plans


Vonage VoIP Members
Members List Members
New Aviollamuh
New Today 5
Yesterday 17
Total 99378

Who Is On Site
Visitors 114
Members 0
Total 114


Vonage VoIP Forum Members:
Login Here
Not a Member? You can Register Here
As a registered member you will have access to the VoIP Speed Test, Vonage Service Announcements and post comments in the
Vonage VoIP Forums

Vonage Stock Price
Value: 7.83
Change:   N/A
Up to 15 Minute Delay

Site Search
 






†AK and HI residents pay $29.95 shipping. ††Limited time offer. Valid for residents of the United States (&DC), 18 years or older, who open new accounts. Offer good while supplies last and only on new account activations. One kit per account/household. Offer cannot be combined with any other discounts, promotions or plans and is not applicable to past purchases. Good while supplies last. Allow up to 2 weeks for shipping. Other restrictions may apply.

1Unlimited calling and other services for all residential plans are based on normal residential, personal, non-commercial use. A combination of factors is used to determine abnormal use, including but not limited to: the number of unique numbers called, calls forwarded, minutes used and other factors. Subject to our Reasonable Use Policy and Terms of Service.

2Shipping and activation fees waived with 1-year agreement. An Early Termination Fee (with periodic pro-rated reductions) applies if service is terminated before the end of the first 12 months. Additional restrictions may apply. See Terms of Service for details.

HIGH SPEED INTERNET REQUIRED. †VALID FOR NEW LINES ONLY. RATES EXCLUDE INTERNET SERVICE, SURCHARGES, FEES AND TAXES. DEVICE MAY BE REFURBISHED. If you subscribe to plans with monthly minutes allotments, all call minutes placed from both from your home and registered ExtensionsTM phones will count toward your monthly minutes allotment. ExtensionsTM calls made from mobiles use airtime and may incur surcharges, depending on your mobile plan. Alarms, TTY and other systems may not be compatible. Vonage 911 service operates differently than traditional 911. See www.vonage.com/911 for details.

** Certain call types excluded.

www.vonage-forum.com is not an official Vonage support website & is independently operated.
All logos and trademarks are property of their respective owners. All comments are property of their posters.
All other www.vonage-forum.com content is © Copyright 2002 - 2013 by 4Sight Media LLC.

Thinking of signing up for Vonage but have questions?
Business and Residential customers can call Toll Free 24 hours a day at: 1-888-692-8074
No Vonage Promotion Code or Coupon Codes are required at www.vonage.com to receive any special,
best Vonage cheap deals, free sign up offers or discounts.

[ | | | | | ]

Vonage Forum Site Maps

Vonage | VoIP Forum | How VoIP Works | Wiring and Installation Page Two | International Rate Plans 2 | Internet Phone
Promotion | Vonage Review | VoIP | Broadband Phone | Free Month | Rebate | Vonnage | Vontage | VoIP | Phone Service
Phone | llamadas ilimitadas a Mexico | Latest News | VoIP Acronyms | Deal | Philippines Globe Phone | Site Maps

The Vonage Forum provides the Vonage sign up Best Offer Promotion Deal.
If you are considering signing up for Vonage and have found our Vonage News, Customer Reviews, Forums
& all other parts of this site useful, please use our Vonage Sign up page.


Vonage VoIP Phone Service is redefining communications by offering consumers
& small business VoIP Internet phones, an affordable alternative to traditional phone service.
The Vonage VoIP Forum Generated This Page In: 0.72 Seconds and 418 Pages In The Last 60 Seconds
The Vonage VoIP Forum