Open-AudIT
https://www.open-audit.org/phpBB3/

PC's behind VOIP Phones Can't be Audited
https://www.open-audit.org/phpBB3/viewtopic.php?f=10&t=3193
Page 1 of 1

Author:  Ericcorp [ Fri Mar 06, 2009 8:27 am ]
Post subject:  PC's behind VOIP Phones Can't be Audited

I administer a network that includes PCs and Aastra VOIP phones. The phones connect to the network, and have a passthrough port for a PC. Only a few PCs are behind phones, but it seems that I can't scan those PCs.

The PC IP is 10.1.30.140
The phone it's behind is 10.1.30.68

My audit.config file line:
strComputer = "10.1.30.140"

Settings the scanner to just look at one IP statically assigned to one such PC, this happens:


[code]

C:\xampp\htdocs\openaudit\scripts>cscript audit.vbs
Microsoft (R) Windows Script Host Version 5.7
Copyright (C) Microsoft Corporation. All rights reser

3/5/2009 5:17:26 PM,10.1.30.140 - Able to connect to
No username and password provided - therefore assumin
PC name supplied: 10.1.30.140
PC name from WMI: DOROTHY-LPTP
User executing this script: Administrator
System UUID: 4C4C4544-0043-5810-804D-B9C04F4E4731
IP: 10.1.30.68

C:\xampp\htdocs\openaudit\scripts>

[/code]

Odd, eh? I returns the IP of the phone, and then dies. I can scan other hardware on my network (I'm on a different subnet, but it routes properly). Any ideas? The PC has of course, had the firewall script ran on it.

Author:  Mark [ Fri Mar 06, 2009 1:58 pm ]
Post subject:  Re: PC's behind VOIP Phones Can't be Audited

Well, that's a new one for me !!!
What happens when you point NMap at botht the PC and the phone ?
What is the output of "route print" on the PC ?

Author:  Ericcorp [ Fri Mar 06, 2009 10:53 pm ]
Post subject:  Re: PC's behind VOIP Phones Can't be Audited

I don't have NMap setup here, let me do that. Is there a way to run only NMap and not a whole scan?

Are there any logs I can post from Open Audit that might help you out?

Author:  A_Hull [ Sun Mar 08, 2009 8:35 am ]
Post subject:  Re: PC's behind VOIP Phones Can't be Audited

Does the Voip phone have any form of traffic shaping or firewall? It might be blocking WMI. Can you see these machines when they are connected directly to the lan without the phone?
Can you nmap the phone?
Can you nmap the PC?
Can you run wireshark http://www.wireshark.org/ on the PC and watch for the traffic from your auditing machine?

Very odd... :?

Author:  edsulst [ Wed Dec 29, 2010 11:13 pm ]
Post subject:  Re: PC's behind VOIP Phones Can't be Audited

I have the same problem.
On the 2nd of december i've moved an pc to a different location with only 1 wall outlet.
I've connected my Avaya VOIP phone to the wall outlet en connected te pc to the Avaya VOIP phone.
Since then, the pc isn't audited.

Why ? I don't know. :(

Author:  jpa [ Thu Dec 30, 2010 3:18 am ]
Post subject:  Re: PC's behind VOIP Phones Can't be Audited

Suggestions:

Get on the latest version of OpenAudit from SVN ([url=http://www.open-audit.org/phpBB3/viewtopic.php?f=6&t=1430]using SVN client[/url] or [url=http://www.open-audit.org/phpBB3/viewtopic.php?f=8&t=2414#p17091]not[/url])
Set verbose = "y" in your audit.config file
Run an audit and post the screen output here
On the audited machine run "ipconfig /all" and post the output here

The IP that is displayed by the audit script is the value from an nslookup on the PC name from WMI. In the earlier example DOROTHY-LPTP maps to 10.1.30.68 in DNS.

Author:  maureena [ Wed May 11, 2011 7:58 pm ]
Post subject:  Re: PC's behind VOIP Phones Can't be Audited

How much does my computer affect VoIP call quality? The speed of my Internet is plenty fast but I often have poor call quality. How much will an individual computer which the VoIP call is through affect the call quality?

Page 1 of 1 All times are UTC + 10 hours
Powered by phpBB® Forum Software © phpBB Group
https://www.phpbb.com/