I have a small company that does TSCM work – which is essentially sweeping homes and offices for eavesdropping devices. More and more businesses are starting to switch their phone systems over to VoIP - which obviously has it’s own set of eavesdropping risks. I can still do my regular checks on the phone device as well as wire pairs – but also need to be able to examine the computer-side of the phone system. In my opinion, an eavesdropping attack in a VoIP environment will most likely be at a software level as opposed to hardware.
I’m looking for someone who can provide some one-on-one instruction to address the following:
- what tools are needed to examine a network (I know that BT has things like UCSniff)
-how and where do you physically connect to a phone network for examination
- how do you examine ports on switches to see if someone is allowing traffic to flow where it shouldn’t be allowed to go
- what configurations need to be implemented (and how are they audited) to create a safe and eavesdropping-free environment

Please note that I am NOT looking to learn how to eavesdrop..... Also not looking for a free education.

All the best - and thank you.