Archived from groups: comp.dcom.voice-over-ip (
More info?)
"Martin 53N 1W" <ml_news@ddnospamddml1dd.co.uk.dd> wrote in message
news:J4LTc.286$Xu.267@newsfe4-gui.ntli.net...
> Kurt Jaeger wrote:
> > Martin 53N 1W <ml_news@ddnospamddml1dd.co.uk.dd> wrote:
> [...]
> >>Can SIP calls be evesdropped by someone else on the lan or internet??
> >
> > There are two parts in SIP: The control channel (SIP) and
> > the signal itself (RTP).
> >
> >>Is there an encrypted version?
> >
> > For RTP: SRTP
> > See e.g.: http://www.vovida.org/protocols/downloads/srtp/
>
> Thanks.
>
>
> So, unencrypted sip calls are easily eavesdropped if the link is
> accessible... (See ethereal.)
>
>
> Do the commercial VoIP providers encrypt the signal traffic?
dont think so.
Some of the IP PBX manufacturers support encryption (e.g. Avaya. Cisco maybe
Mitel), but i dont think there are any mature standards for this, and little
interoperability between equipment types.
>
> Or are all your VoIP internet calls 'out in the open'?
sort of - but they could only be intercepted if the "bad guy" had access to
a link on the route between the 2 end points - exactly the same as for a TDM
/ ISDN / "normal" phone call.
this may be similar to the arguments about just how useful https is in
practice - i havent come across any documented instances where a credit card
number or other info is disclosed by snooping on a conversation between end
points - it is much easier to break into the client PC or web server and get
at the data there.
>
>
> Regards,
> Martin
>
> --
> ---------- OS? What's that?!
> - Martin - To most people, "Operating System" is unknown & strange.
> - 53N 1W - Mandrake 10.0.1 GNU Linux
> ----------
http://www.mandrakelinux.com/en-gb/concept.php3
--
Regards
Stephen Hope - return address needs fewer xxs