SIP evesdropping/security

[Guest]

Archived from groups: comp.dcom.voice-over-ip (More info?)

For SIP:

Is there a secure version?

Can SIP calls be evesdropped by someone else on the lan or internet??

Is there an encrypted version?

Thanks,
Martin


--
---------- OS? What's that?!
- Martin - To most people, "Operating System" is unknown & strange.
- 53N 1W - Mandrake 10.0.1 GNU Linux
---------- http://www.mandrakelinux.com/en-gb/concept.php3

 

[Guest]

Archived from groups: comp.dcom.voice-over-ip (More info?)

Hi!

In article <WqVSc.3944$9M3.3854@newsfe2-gui.ntli.net>,
Martin 53N 1W <ml_news@ddnospamddml1dd.co.uk.dd> wrote:
>For SIP:
>
>Is there a secure version?

>Can SIP calls be evesdropped by someone else on the lan or internet??

There are two parts in SIP: The control channel (SIP) and
the signal itself (RTP).

>Is there an encrypted version?

For RTP: SRTP

See e.g.: http://www.vovida.org/protocols/downloads/srtp/

--
MfG/Best regards, Kurt Jaeger 16 years to go !
LF.net GmbH fon +49 711 90074-23 pi@LF.net
Ruppmannstr. 27 fax +49 711 90074-33
D-70565 Stuttgart mob +49 171 3101372

 

[Guest]

Archived from groups: comp.dcom.voice-over-ip (More info?)

Martin 53N 1W wrote:
> For SIP:
>
> Is there a secure version?
>
There is sRTP for the media stream.

> Can SIP calls be evesdropped by someone else on the lan or internet??
Yes provided you have access to the data. Ethereal can capture,
decode and manipulate the media.
>
> Is there an encrypted version?
See IETF web site for sRTP.
>
> Thanks,
> Martin
>
>

 

[Guest]

Archived from groups: comp.dcom.voice-over-ip (More info?)

Martin 53N 1W wrote:

> For SIP:
>
> Is there a secure version?
>
> Can SIP calls be evesdropped by someone else on the lan or internet??
>
> Is there an encrypted version?
>
> Thanks,
> Martin
>
>
Yes, it can be EASILY eavesdropped.
To see how, download the latest ethereal - you can actually export the
audio of a capture to an ".au" file and play it back, email it to
friends to laugh at, etc.

 

[Guest]

Archived from groups: comp.dcom.voice-over-ip (More info?)

Kurt Jaeger wrote:
> Martin 53N 1W <ml_news@ddnospamddml1dd.co.uk.dd> wrote:
[...]
>>Can SIP calls be evesdropped by someone else on the lan or internet??
>
> There are two parts in SIP: The control channel (SIP) and
> the signal itself (RTP).
>
>>Is there an encrypted version?
>
> For RTP: SRTP
> See e.g.: http://www.vovida.org/protocols/downloads/srtp/

Thanks.


So, unencrypted sip calls are easily eavesdropped if the link is
accessible... (See ethereal.)


Do the commercial VoIP providers encrypt the signal traffic?

Or are all your VoIP internet calls 'out in the open'?


Regards,
Martin

--
---------- OS? What's that?!
- Martin - To most people, "Operating System" is unknown & strange.
- 53N 1W - Mandrake 10.0.1 GNU Linux
---------- http://www.mandrakelinux.com/en-gb/concept.php3

 

[Stephen]

Archived from groups: comp.dcom.voice-over-ip (More info?)

"Martin 53N 1W" <ml_news@ddnospamddml1dd.co.uk.dd> wrote in message
news:J4LTc.286$Xu.267@newsfe4-gui.ntli.net...
> Kurt Jaeger wrote:
> > Martin 53N 1W <ml_news@ddnospamddml1dd.co.uk.dd> wrote:
> [...]
> >>Can SIP calls be evesdropped by someone else on the lan or internet??
> >
> > There are two parts in SIP: The control channel (SIP) and
> > the signal itself (RTP).
> >
> >>Is there an encrypted version?
> >
> > For RTP: SRTP
> > See e.g.: http://www.vovida.org/protocols/downloads/srtp/
>
> Thanks.
>
>
> So, unencrypted sip calls are easily eavesdropped if the link is
> accessible... (See ethereal.)
>
>
> Do the commercial VoIP providers encrypt the signal traffic?

dont think so.

Some of the IP PBX manufacturers support encryption (e.g. Avaya. Cisco maybe
Mitel), but i dont think there are any mature standards for this, and little
interoperability between equipment types.
>
> Or are all your VoIP internet calls 'out in the open'?

sort of - but they could only be intercepted if the "bad guy" had access to
a link on the route between the 2 end points - exactly the same as for a TDM
/ ISDN / "normal" phone call.

this may be similar to the arguments about just how useful https is in
practice - i havent come across any documented instances where a credit card
number or other info is disclosed by snooping on a conversation between end
points - it is much easier to break into the client PC or web server and get
at the data there.
>
>
> Regards,
> Martin
>
> --
> ---------- OS? What's that?!
> - Martin - To most people, "Operating System" is unknown & strange.
> - 53N 1W - Mandrake 10.0.1 GNU Linux
> ---------- http://www.mandrakelinux.com/en-gb/concept.php3
--
Regards

Stephen Hope - return address needs fewer xxs

 

[Guest]

Archived from groups: comp.dcom.voice-over-ip (More info?)

stephen wrote:
> "Martin 53N 1W" <ml_news@ddnospamddml1dd.co.uk.dd> wrote in message
[...]
>>Or are all your VoIP internet calls 'out in the open'?
>
> sort of - but they could only be intercepted if the "bad guy" had access to
> a link on the route between the 2 end points - exactly the same as for a TDM
> / ISDN / "normal" phone call.
[...]

Hence the weakest and most vulnerable parts are at each end on the local
lans... (Assuming that we can 'trust' our telcos.)

Thanks, good answer.

Regards,
Martin


--
---------- OS? What's that?!
- Martin - To most people, "Operating System" is unknown & strange.
- 53N 1W - Mandrake 10.0.1 GNU Linux
---------- http://www.mandrakelinux.com/en-gb/concept.php3

 

[Guest]

Archived from groups: comp.dcom.voice-over-ip (More info?)

Martin 53N 1W <ml_news@ddnospamddml1dd.co.uk.dd> wrote in message news:<WqVSc.3944$9M3.3854@newsfe2-gui.ntli.net>...
> For SIP:
>
> Is there a secure version?
>
> Can SIP calls be evesdropped by someone else on the lan or internet??
>
> Is there an encrypted version?
>
> Thanks,
> Martin

If you want hardware with SRTP support, look at the SIPURA SPA-2000.

For UK/EU - http://www.sipura.co.uk

For USA - http://www.sipura.com

 

[Guest]

Archived from groups: comp.dcom.voice-over-ip (More info?)

Steve Blair <blairs@isc.upenn.edu> wrote in message news:<cfj114$df2c$1@netnews.upenn.edu>...
> Martin 53N 1W wrote:
> > For SIP:
> >
> > Is there a secure version?
> >
> There is sRTP for the media stream.
>
> > Can SIP calls be evesdropped by someone else on the lan or internet??
> Yes provided you have access to the data. Ethereal can capture,
> decode and manipulate the media.

So you are saying that one's ISP or LAN admin can easily eavesdrop on
all SIP calls, even if the SIP network one uses employs MD5 and
MD5-sess for DIGEST authentication and encryption?

In other words, do they not have to crack MD5 and MD5-sess before they
can eavesdrop?

Also, when a SIP network says they support MD5 and MD5-sess for DIGEST
authentication and encryption, does this mean that they are encrypting
every word of every conversation, or just the authentication process?

Thanks in advance!

Roddaman