[VOIPSEC] VOIP for free??
Diana Cionoiu
diana-liste at voip.null.ro
Mon Apr 11 09:59:26 CDT 2005
Hello Michael,
I was refering on the fact that you have to be in the middle (as in man
in the middle), which is far more complicated then you may think.
Diana
> Diana Cionoiu wrote:
> > RTP is not trivial to be listen,
> > and anyway who can listen you phone calls also can see your yahoo, icq,
> > msn,irc messages, so i think first we should solve those things and then
> > go after plain VoIP.
>
> I am not sure why you say this. For over two years, Ethereal has been
> able to decode RTP streams and save the audio into a file. This only
> takes a few clicks, and with a little time you could automate it completely.
>
> It is true that other more widely used protocols also have
> vulnerabilities, including DNS, SMTP, and HTTP. However, work on VOIP
> security does not block work on other protocols, so that is no reason to
> put VOIP security work on hold. It is easier to fix problems now while
> the protocols are still in relatively limited deployment.
>
More information about the Voipsec
mailing list