[VOIPSEC] RE: VoIP and Banking Security
Nhut Nguyen
nnguyen at sta.samsung.com
Thu Jun 23 08:37:41 CDT 2005
Hi everyone,
This demonstrates the need for media encryption. Anyone know what is the
status of standards on media encryption for VoIP networks?
3GPP IMS specs (release 6) assume L2 encryption in the radio access
network so it does not cover this function, but now IMS is being used
for fixed access as well it may have to consider this. One potential
candidate is SRTP/MIKEY but how these standards are coming along in IMS
and other standards bodies? Anybody know?
-Nhut
------------------------------------------------------------------------
----
Message: 1
Date: Wed, 22 Jun 2005 11:52:29 -0700
From: "Al" <alanrice at comcast.net>
Subject: [VOIPSEC] VoIP and Banking Security
To: <Voipsec at voipsa.org>
Message-ID: <mailman.0.1119524402.31823.voipsec_voipsa.org at voipsa.org>
Content-Type: text/plain; charset="us-ascii"
Greetings,
New here, and yes, I did check the archives first.
I just finished a session with my bank using the touch pad on my phone.
When finished I dumped the packets captured during the transaction
(using
ethereal). I was a little dismayed and a lot alarmed to see wherever
the
protocol was RTP EVE that the numbers I pressed on the phone were
visible in
the info field:
Payload type=RTP Event, DTMF Eight 8
I'm guessing that if I can sniff these packets, so can anyone else.
Anyone have any comments to calm my nerves?
Thanks,
Al
------------------------------
*********
More information about the Voipsec
mailing list