A long long time ago I remember watching a talk by some 0-Day hacker from back in the day and he briefly covered the idea of promiscuous packet sniffing to grab VOIP packets on a network and then reassemble them for snooping on calls.
The talk itself covered eavesdropping and man in the middle attacks for this single VOIP call. Unfortunately it was a pretty new idea back then and it was before YouTube was a thing, so I was mesmerised by this and remembered it pretty damn well. Fast forward a good many years and this sort of thing is discussed at the Defcon and Black Hat conferences pretty regularly as per the YouTube link here.
No big deal by today’s standards. A lot of people would assume I intended to do exactly what they’re describing there and spy on the corporate network. While the idea is cool and James Bond-ish, it can be far more useful to know this for legitimate reasons.
Anyone with a copy of Wireshark nowadays can sniff packets as they fly across the network and listen in for those going to and from a certain device, then reassemble the data to the final product. In this case, a phone call. I can’t convince you this is a good thing? Ok let’s try the following.
Every year, companies spend a lot of money on phone systems that allow them to record incoming calls for quality, training, evidentiary purposes, etc. Most of these systems involve custom hardware or “appliances” from the manufacturer of their phone systems. I’m talking big money.
“You want to record 30 sales or support people? How does $60,000 sit with your budget? Don’t want to spend that much? Sorry, that’s the cost. But, you also get a bunch of other features…” – which you don’t want and can’t afford.
So I faced this question a few times in my career. Most of the time, the department asking for a quote hears the price tag and does the old “We’ll let you know.” But the thing is that it doesn’t have to be that way. If I can do this with 1 call back in 2001, surely by now we can do more? Yes. Yes we can. It’s not even that hard. There are a few parts to this thing. So let me lay out how I did it.
First thing you’re going to need is your voice traffic to make its way to where it’s going by hitting the network. This usually means TCP/IP and thus VOIP traffic. If your company is still using a PSTN or POTS for this, get a new job. Seriously, you’re better than that.
Second thing you’re going to want to do is buy the network guy (or whoever has the login for the switch this traffic passes through) a lot of drinks. Lubricate that man/woman silly, then ask them to mirror the VLAN this traffic passes through out to a port on the switch your recording server is going to be connected to. This can sometimes be harder than expected. Worst case scenario, threaten to put a hub in there to do this because they wouldn’t. It will achieve the same goal, but no one wants a hub on their network. So they should cave pretty quick.
Third on the list is hooking up a nice stable server of some sort (or if your IT department cheaps out/lacks faith/steals your blade or rack space because a file server that stored all the office clipart went down) a desktop box with a dual core, 2 ethernet cards, at least 4 GB of RAM and a 250 GB hard drive to the mirrored network port and a normal network port. The mirrored port will grab the packets on the way through like an eavesdropping box and the other network port will let you remote in (because screw getting out of your chair for this).
Now the hard part… not really. Lucky us, Oreka is an open source bit of software that does what you need. Sure there’s the full version, OrecX, but you’ve read this far and that means you’re a cheapskate and not going to pay for the extra cool features. Choose your poison, Linux or Windows (whatever you’re comfortable with). I went with Windows so I don’t have to support the thing until the end of time. Follow the instructions from their site and you’re off and running.
Pro tip: If your PABX or VOIP service is a badly configured Avaya system, you’re going to get this weird thing where you end up recording only one side of the conversation or sometimes just the signalling, ringing. There is one magical setting in your PABX that fixes this right up like magic. It’s not even a major change. No one would even notice it and it holds no bearing on the rest of your PABX. But I’m not telling and you’ll have to bribe it out of me dammit. I worked extremely hard and read a lot of manuals to work it out.
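Before blaming the recorder for the one-sided symptom above, it helps to check whether the mirrored port is delivering both halves of each call in the first place. The sketch below is an added example, not code from Oreka or from this post: it assumes symmetric RTP (each phone sends and receives on the same UDP port), packets already pulled out of a capture as (source, destination, UDP payload) tuples in arrival order, and every address and helper name in it is constructed.

```python
import struct
from collections import defaultdict

def parse_rtp(payload):
    """Return (payload_type, seq, ssrc) if payload looks like RTP v2, else None."""
    if len(payload) < 12:
        return None
    b0, b1, seq, _ts, ssrc = struct.unpack("!BBHII", payload[:12])
    pt = b1 & 0x7F
    if b0 >> 6 != 2 or 72 <= pt <= 76:   # wrong version, or RTCP sharing the port
        return None
    return pt, seq, ssrc

def audit_mirror(packets):
    """packets: (src, dst, udp_payload) tuples, src/dst being (ip, port).
    Returns {endpoint_pair: {"status": ..., "lost": gaps in sequence numbers}}."""
    seen = defaultdict(lambda: defaultdict(list))
    for src, dst, payload in packets:
        hdr = parse_rtp(payload)
        if hdr:                               # signalling and other traffic is skipped
            seen[tuple(sorted((src, dst)))][(src, dst)].append(hdr[1])
    report = {}
    for pair, directions in seen.items():
        lost = 0
        for seqs in directions.values():
            # 16-bit sequence numbers wrap; assumes in-order capture, no duplicates
            lost += sum((b - a - 1) % 65536 for a, b in zip(seqs, seqs[1:]))
        status = "both directions" if len(directions) == 2 else "one-sided"
        report[pair] = {"status": status, "lost": lost}
    return report

def make_rtp(seq, ssrc, pt=0):
    """Build a constructed RTP packet: 12-byte header plus 160 bytes of fake audio."""
    return struct.pack("!BBHII", 0x80, pt, seq, seq * 160, ssrc) + bytes(160)

# Constructed sample capture (documentation addresses, not real traffic)
PHONE_A, PHONE_B = ("192.0.2.10", 16384), ("192.0.2.20", 16390)
PHONE_C, GATEWAY = ("192.0.2.30", 16400), ("198.51.100.5", 20000)
SAMPLE = (
    [(PHONE_A, PHONE_B, make_rtp(s, 0x1111)) for s in (1, 2, 3)]
    + [(PHONE_B, PHONE_A, make_rtp(s, 0x2222)) for s in (65535, 0, 2)]  # wraps, loses seq 1
    + [(PHONE_C, GATEWAY, make_rtp(s, 0x3333)) for s in (10, 11)]       # reply leg never mirrored
    + [(("192.0.2.10", 5060), ("198.51.100.5", 5060), b"INVITE sip:200@example.test SIP/2.0\r\n")]
)

if __name__ == "__main__":
    for pair, result in audit_mirror(SAMPLE).items():
        print(pair, result)
```

A pair reported as one-sided means the return audio never reached the mirror port, so the fix lives in the switch or PABX configuration rather than in the recording software; a call that shows up only as signalling will not appear in the report at all.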