This session will explore a case study of a successful VoIP penetration test. A publicly accessible hotel room phone was used to access a hotel corporation's network and gain access to corporate records, CEO emails and financials. We will uncover lessons learned, discuss a specific VLAN attack against VoIP, and review mitigation controls and best practices for securing VoIP networks. We'll also detail an open source tool to help test VoIP systems for vulnerabilities and enable remediation.

Bio - Jason Ostrom

Jason Ostrom is a Security Tester for Vigilar, Inc. Jason is a graduate of the University of Michigan, Ann Arbor. His previous work experience includes stints for International Network Services (INS) and NTT/Verio.

Bio - John Kindervag

John is a 20-year veteran of the high-technology world. He has been involved with a variety of engineering projects ranging from basic LAN networking to sophisticated microwave and satellite technology. Currently, Kindervag is the Senior Security Architect for Vigilar, Inc., where he helps corporations design secure networks. Additionally, he manages Vigilar’s Vulnerability Assessment and Compliance Practice. He has particular expertise in the areas of PCI Compliance, Wireless Security, Intrusion Prevention, and Application Security. Kindervag also speaks to security conventions, user groups and technology associations on various security topics. Kindervag is also an "Ask the Expert" for SearchSecurityChannel. Prior to joining Vigilar, Kindervag started the security practice for a Cisco Gold VAR, Flair Data Systems, where he was principal security consultant. Kindervag holds a Bachelor of Arts degree in Communications from the University of Iowa.