System and method for detecting vulnerabilities in voice over IP networks
First Claim
1. A computer-implemented method, comprising the steps of:
- scanning at least two target systems;
identifying at least one target system that is voice-over IP enabled;
receiving at least one scan option, the scan option receives input from a user in which the user specifies parameters for crafting at least one individual message to be sent to the at least one target system, the at least one individual message being used for identifying specific security vulnerabilities within the at least one target system;
generating the at least one individual message based on the at least scan option;
sending the at least one individual message through the at least one target system;
analyzing how the at least one individual message was handled by the at least one target system; and
identifying the specific security vulnerabilities for at least one target system based on results of the analyzing step.
0 Assignments
0 Petitions
Accused Products
Abstract
A computer system and method for discovering voice over IP networks and detecting related vulnerabilities. The user identifies target servers or a network representing several targets to scan, and the system scans the specified servers to identify which support voice over IP services. The system returns a list of servers identified, and the user can export the list to the scanner. The scanner allows the user to specify scan options and then initiate a scan against specified servers or a network. The system performs the scan based on the scan options specified by the user, and displays the scan results to the user, such as one or more vulnerabilities found on the specified servers. The user can prioritize and categorize the collected data based on configurable settings. The user can also send a particular type of message to a voice over IP network and see the result.
13 Citations
20 Claims
-
1. A computer-implemented method, comprising the steps of:
-
scanning at least two target systems; identifying at least one target system that is voice-over IP enabled; receiving at least one scan option, the scan option receives input from a user in which the user specifies parameters for crafting at least one individual message to be sent to the at least one target system, the at least one individual message being used for identifying specific security vulnerabilities within the at least one target system; generating the at least one individual message based on the at least scan option; sending the at least one individual message through the at least one target system; analyzing how the at least one individual message was handled by the at least one target system; and identifying the specific security vulnerabilities for at least one target system based on results of the analyzing step. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9)
-
-
10. A system comprising:
-
one or more processors; one or more computer-readable storage mediums containing instructions configured to cause the one or more processors to perform operations including; scanning at least two target systems; identifying at least one target system that is voice-over IP enabled; receiving at least one scan option, the scan option receives input from a user in which the user specifies parameters for crafting at least one individual message to be sent to the at least one target system, the at least one individual message being used for identifying specific security vulnerabilities within the at least one target system; generating at least one individual message based on the at least scan option; sending the at least one individual message through the at least one target system; analyzing how the at least one individual message was handled by the at least one target system; and identifying the specific security vulnerabilities for at least one target system based on results of the analyzing step. - View Dependent Claims (11, 12, 13, 14, 15)
-
-
16. A computer-program product, the product tangibly embodied in a machine-readable non-transitory storage medium, including instructions configured to cause a data processing apparatus to:
-
scan at least two target systems; identify at least one target system that is voice-over IP enabled; receive at least one scan option, the scan option receives input from a user in which the user specifies parameters for crafting at least one individual message to be sent to the at least one target system, the at least one individual message being used for identifying specific security vulnerabilities within the at least one target system; generate at least individual one message based on the at least scan option; send the at least one individual message through the at least one target system; analyze how the at least one individual message was handled by the at least one target system; and identify the specific security vulnerabilities for at least one target system based on results of the analyzing step. - View Dependent Claims (17, 18, 19, 20)
-
Specification