[55938] in North American Network Operators' Group
RE: VoIP over IPsec
daemon@ATHENA.MIT.EDU (Bender, Andrew)
Tue Feb 18 13:27:53 2003
Date: Tue, 18 Feb 2003 13:25:41 -0500
From: "Bender, Andrew" <abender@taqua.com>
To: <tedawson@attbi.com>, <nanog@merit.edu>
Errors-To: owner-nanog-outgoing@merit.edu
> -----Original Message-----
> From: tedawson@attbi.com [mailto:tedawson@attbi.com]
>
> Comments inline:
> At 01:34 PM 2/17/2003 -0500, Charles Youse wrote:
>
> >So do you suppose that in my scenario, I'd be better off leaving the VoIP out
> >of the encrypted tunnels and use a separate [cleartext] path for them?
>
> Oh goodness no. VoIP (SIP specifically) has no real security in it. Call
> hijacking for example is a matter of sending a pair of spoofed UDP packets to
> each phone and having the voice streams arrive at the attacker's machine. Not
> pretty, and I do this trick (and worse) daily. (in a lab as part of work of
> course)

What about sips:/TLS, S/MIME, and digest auth? These are all integral to the 'standard', and many popular implementations support these facilities currently.

IPSec may be less painful within a single domain, but in other cases, I'd think that these facilities (or their derivatives) are the only practical option for 'real' security. Granted it is all pretty worthless if you don't enable/use any of it... Am I missing something?

Regards,
Andrew Bender
taqua.com
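
Added example, not part of the original message or of any SIP implementation: a sketch of the server-side check behind the digest auth mentioned above, showing that a request with no credentials, or with a response not derived from the shared secret, is rejected. The function names, the `passwords` and `issued_nonces` stores and the SIP sample values are assumptions made for illustration; the calculation is the MD5 digest scheme of RFC 2617, which SIP reuses.

```python
import hashlib
import hmac
import re

def _md5(s):
    return hashlib.md5(s.encode()).hexdigest()

def digest_response(user, realm, password, method, uri, nonce,
                    qop=None, nc=None, cnonce=None):
    """RFC 2617 request-digest; SIP reuses the same calculation."""
    ha1 = _md5(f"{user}:{realm}:{password}")
    ha2 = _md5(f"{method}:{uri}")
    if qop:
        return _md5(f"{ha1}:{nonce}:{nc}:{cnonce}:{qop}:{ha2}")
    return _md5(f"{ha1}:{nonce}:{ha2}")

def parse_authorization(value):
    """Split 'Digest k="v", k2=v2' into a dict; {} if not a Digest header."""
    scheme, _, params = value.strip().partition(" ")
    if scheme.lower() != "digest":
        return {}
    pairs = re.findall(r'(\w+)=(?:"([^"]*)"|([^,\s]+))', params)
    return {k.lower(): quoted or bare for k, quoted, bare in pairs}

def verify_request(method, auth_value, passwords, issued_nonces):
    """True only if the header proves knowledge of the shared secret.
    passwords: {(user, realm): password}; issued_nonces: nonces this server
    handed out in its own challenges (hypothetical stores). A real server
    would also expire nonces and track nc to stop replays."""
    p = parse_authorization(auth_value or "")
    if any(k not in p for k in ("username", "realm", "nonce", "uri", "response")):
        return False
    if p["nonce"] not in issued_nonces:
        return False
    password = passwords.get((p["username"], p["realm"]))
    if password is None:
        return False
    expected = digest_response(p["username"], p["realm"], password, method,
                               p["uri"], p["nonce"],
                               p.get("qop"), p.get("nc"), p.get("cnonce"))
    return hmac.compare_digest(expected, p["response"].lower())

if __name__ == "__main__":
    # Constructed sample values, not taken from any real deployment.
    pw = {("alice", "example.invalid"): "s3cret"}
    nonces = {"n0nce-constructed"}
    good = digest_response("alice", "example.invalid", "s3cret",
                           "INVITE", "sip:bob@example.invalid", "n0nce-constructed")
    hdr = ('Digest username="alice", realm="example.invalid", '
           'nonce="n0nce-constructed", uri="sip:bob@example.invalid", '
           f'response="{good}"')
    print(verify_request("INVITE", hdr, pw, nonces))   # legitimate request
    print(verify_request("INVITE", None, pw, nonces))  # no credentials at all
```

Digest auth authenticates the request only; keeping signalling confidential is the job of the sips:/TLS and S/MIME facilities named in the message.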