We've had a lot of people ask us how they can scan their own network to find out if they are vulnerable to the video conferencing issue described in
HD's blog post Board Room Spying for Fun and Profit and the various news coverage of the video conferencing story. Here's a quick how-to:
- Download a free trial of Metasploit Pro.
- Create a New Project and click on Scan on the Overview tab
- Click on Advanced Options
- Change Custom TCP source port to 1720
- Uncheck UDP service discovery for faster scanning
- Ensure that Scan H.323 video endpoints is checked
- To validate an identified service, connect with a H.323-capable client such as NetMeeting (Windows XP), Ekiga (cross-platform, but buggy), Mirial Softphone (commercial), or ClearSea In the Cloud (only able to reach internet-exposed devices). For internal systems, I still rely on NetMeeting in a XP virtual machine as the most reliable H.323 client, however, this lacks the Pan-Tilt-Zoom (PTZ) and keypad controls of a more advanced client like Mirial or ClearSea In the Cloud.
Get your free trial of Metasploit Pro now and start your scan!