[VOIPSEC] RTP-borne virus examples?
art at codenomicon.com
Sun Dec 4 21:01:51 GMT 2005
Encryption does not protect against any virus/worm type attacks. It
protects against anyone detecting and preventing the attack. Signing
also does not protect against the attack, you will just (with some
level of assurance) know who hit you. And finally PKI does not prevent
the attack, but you will just need to rely on the black-listing
capabilities (which is close to impossible to implement) of it to
prevent known attackers or misconfigured domains from attacking you.
There are some non-virus related malware attacks in RTP that IPsec
will protect you from, but as those are still not very widely known, I
will not describe them any further yet.
On Fri, Dec 02, 2005 at 03:48:07PM -0000, dhiraj.2.bhuyan at bt.com wrote:
> Securing the media stream (using IPSec for example) will solve many such
> issues. But in my opinion, there seems to be not much interest in
> securing the media stream at this moment. I might be wrong (hopefully!).
> Dhiraj Bhuyan, CISSP
> Senior Network Security Researcher,
> pp2A, Rigel House, BT Group CTO
> Martlesham Heath, Ipswich, IP5 3RE
More information about the Voipsec