Video Conference Detection with PVS
Many customers have recently inquired about detection of video conferencing hardware and software, and Tenable’s research team has been developing additional PVS plugins to do just that.
Currently, PVS can detect video conferencing hardware solutions, such as Polycom, and software implementations utilizing proprietary and H.323 protocols, such as Skype and FaceTime. By monitoring traffic passively, PVS can detect the protocols, fingerprints, and vulnerabilities of video conferencing technology.
Here are some of the video conferencing software and hardware devices PVS currently detects:
- Polycom Soundpoint VoIP Phone Default Password (4888)
- Polycom Audio/Video Server Detection (6289)
- Skype Detection and Vulnerabilities (2405, 2406, 3070, 3268, 3627, 3772, 4310, 4531, 5362, 5898)
- Apple FaceTime Detection (5999)
- Windows Live Messenger Detection and Vulnerabilities (4804, 4196, 4197, 4210, 4211)
- DCS Video Server Detection (6290)
- DLINK Audio/Video Camera Detection (4526)
- TrackerCam Multiple Remote Overflows (2632)
- ICUII Peer-To-Peer Client Detection (2868)
- Windows Media Services Detection and Vulnerabilities (1198, 5153, 5154)
- SIP Server Detection (3763, 3767, 6291)
Additional plugins are developed every day! You can watch our RSS feeds for updates. A full list of PVS plugins is updated daily and available in PDF format.
Related Articles
Four Questions to Minimize the Cyber Risk of Your Public-facing Assets and Web Apps
November 17, 2021Ask the following four questions to help reduce cyber risk in your public-facing assets and web apps.
Cybersecurity Pros Face Significant Challenges with OT Security: Ponemon Report
April 5, 201962% of organizations in industries relying on operational technology experienced two or more business-impacting cyberattacks in the past 24 months, according to a report from Ponemon Institute an...
Recap: Geeking Out II with Marcus
April 15, 2013Ron and I spent most of the webcast rotating around the theme of detection algorithms: how do you determine what is normal and what is not? We started off with one of my favorite questions, "Are there...
Cybersecurity Snapshot: Prompt Injection and Data Disclosure Top OWASP’s List of Cyber Risks for GenAI LLM Apps
November 22, 2024Don’t miss OWASP’s update to its “Top 10 Risks for LLMs” list. Plus, the ranking of the most harmful software weaknesses is out. Meanwhile, critical infrastructure orgs have a new framework for using AI securely. And get the latest on the BianLian ransomware gang and on the challenges of protecting water and transportation systems against cyberattacks.
Active Directory Under Attack: Five Eyes Guidance Targets Crucial Security Gaps
November 21, 2024A landmark global report from cybersecurity agencies emphasizes 17 attack techniques against Microsoft Active Directory and cautions organizations to step up protections. In the first of our two-part series, we offer five steps you can take today to shore up your AD defenses.
Five Cyber Agencies Sound Alarm About Active Directory Attacks: Beyond the Basics
November 21, 2024A landmark global report emphasizes 17 attack techniques against Microsoft Active Directory and cautions organizations to step up protections. In the second of our two-part series, we take you beyond the basics to highlight three key areas to focus on.
- Passive Network Monitoring