In article <firstname.lastname@example.org>, T. Sean Weintz
> Choreboy wrote:
> Caller ID CAN be spoofed using VOIP. Apperently SIP allows for this, and
> some VOIP providers leave this feature open for customers to use/abuse.
> I know hackers were spoofing caller ID over VOIP using the ASTERISK open
> source PBX system which lets you set all the nitty gritty SIP parameters
> -- apparently including the CLID string. From what I understand, some
> providers filter this at their switch, some don't ...
VoIP is neither 'sufficient' to guarantee being able to spoof the
calling number, nor is it 'necessary'. :)
You've got to have the 'right kind' of head-end interconnect to the
PSTN, _and_ be dealing with a carrier that does not restrict what info
you can pass for the "calling number" info.
> PRI's are a standard type of high cap ISDN line (as opposed to BRI,
> the low cap vesrion). I think caller ID can be spoofed from EITHER
> type of ISDN line, assuming one has the right type of equipment
> plugged into it (which usually means a PBX switch)
It's a very _rare_ occurrence that one would be able to do it via a
BRI. at least in the U.S. Those lines almost invariably are
configured with the telco over-riding any info the customer might
send. BRIs are generally offered in a *limited* number of
configurations by the telcos (whether ILEC or CLEC) on a 'pick from
the menu' basis, and you take one of those choices, or you don't get a
BRI. I've _never_ seen one of the canned BRI options that had the
capability for passing unrestricted CLID info. This isn't to say that
such an offering _couldn't_ exist, just that I've never run across it
in dealing with several ILECs, and a number of the major CLECs.