Video Conference Detection with PVS

by Randal T. Rioux
May 1, 2012

Many customers have recently inquired about detection of video conferencing hardware and software, and Tenable’s research team has been developing additional PVS plugins to do just that.

 

Vid_conf_plugins

Currently, PVS can detect video conferencing hardware solutions, such as Polycom, and software implementations utilizing proprietary and H.323 protocols, such as Skype and FaceTime. By monitoring traffic passively, PVS can detect the protocols, fingerprints, and vulnerabilities of video conferencing technology.

Here are some of the video conferencing software and hardware devices PVS currently detects:

  • Polycom Soundpoint VoIP Phone Default Password (4888)
  • Polycom Audio/Video Server Detection (6289)
  • Skype Detection and Vulnerabilities (2405, 2406, 3070, 3268, 3627, 3772, 4310, 4531, 5362, 5898)
  • Apple FaceTime Detection (5999)
  • Windows Live Messenger Detection and Vulnerabilities (4804, 4196, 4197, 4210, 4211)
  • DCS Video Server Detection (6290)
  • DLINK Audio/Video Camera Detection (4526)
  • TrackerCam Multiple Remote Overflows (2632)
  • ICUII Peer-To-Peer Client Detection (2868)
  • Windows Media Services Detection and Vulnerabilities (1198, 5153, 5154)
  • SIP Server Detection (3763, 3767, 6291)

Additional plugins are developed every day!  You can watch our RSS feeds for updates. A full list of PVS plugins is updated daily and available in PDF format.