[VOIPSEC] Voice or Not -- Fake Voice Packet???
NBELAN at arkoon.net
NBELAN at arkoon.net
Wed Oct 5 03:42:22 CDT 2005
Hi,
It is an easy answer, I know, but the only thing to do is SRTP/SRTCP
between phone devices..
This allow ciphering of RTP packets and authentication.
But you can reduce the risk by using a "timestamp hole detection"
algorithm.
Well, if you receive a "looking like" rtp packet with a non predictable
timestamp value (past or - but probably - future)
into your stream (assuming that you can predict the timestamp evolution),
you may block or suspend it and see what it happening :
- if "old" timestampped packets continues to arrive, let them pass
through and deny "false" timestampped messages
or
- rebuild a predictable flow of timestamp values ..
It is not very accurate, violate RFC but quite correct I think.
Nicolas
Voipsec-bounces at voipsa.org a écrit sur 04/10/2005 16:45:58 :
> Hi,
>
> A VAD would definitely e an option but what if my spoofed/faked packets
> also contain voice? A VAD would still let these packets through.
>
> >From this perspective I think the question is whether somebody can
> determine if the received packets are actually from the given source and
> not from a different source that tries to send me unsolicited RTP
> packets.
>
> If I would take listen to the RTP stream, I could determine the SSRC and
> timestamp of the RTP and then start sending RTP packets with the
> subsequent timestamps so that the original packets will be discarded
> because my spoofed packets were received earlier.
>
> Is there anything you can do about such a scenario?
>
> roland
>
> -----Original Message-----
> From: Voipsec-bounces at voipsa.org [mailto:Voipsec-bounces at voipsa.org] On
> Behalf Of Thomas Howe
> Sent: 03 October 2005 19:37
> To: Vijay Shyamasundar Shyamasundar; Voipsec at voipsa.org
> Subject: Re: [VOIPSEC] Voice or Not -- Fake Voice Packet???
>
>
> Hi Vijay -
>
> To a certain (practical) extent, you can. Many coders have voice
> activity detection front ends, and they could be used as a basis for an
> algorithm to determine if the uncompressed packets contain stuff that
> looks like voice. As I recall (and it's been a while since my DSP days),
> they tend to look at energy levels and sinusoidal components.
>
> My question is, why do you care? If it doesn't have voice, then what's
> the big deal?
>
> Tom
>
>
> -----Original Message-----
> From: Voipsec-bounces at voipsa.org on behalf of Vijay Shyamasundar
> Shyamasundar
> Sent: Mon 10/3/2005 2:09 PM
> To: Voipsec at voipsa.org
> Subject: [VOIPSEC] Voice or Not -- Fake Voice Packet???
>
> Hi All,
> Is there any way to find out if the packets are genuine voice packets
> or
> not. By looking into the Payload Type(PT) field of RTP packet, we can
> say if
> its audio/video.. and the codec used. What if i could generate some
> packets
> with that PT field showing it as audio packet while the payload contains
> something else.
> I would like to know if there is a way to find out if the packet really
> contains voice or not.
> Regards,
> Vijay
> On 9/9/05, Dalton, Ronda L <DaltonR at state.gov> wrote:
> >
> > NIST has a pretty good VOIP document:
> >
> csrc.nist.gov/pcig/CHECKLISTS/voip-checklist-073004.doc<http://csrc.nist
> .gov/pcig/CHECKLISTS/voip-checklist-073004.doc>
> > It a security checklist. Not sure what level your security is but its
> a
> > good starting point.
> >
> > RD
> >
> >
> > Date: Thu, 8 Sep 2005 10:52:04 +0100
> > From: "Barry Coatesworth" <Barry.Coatesworth at express-gifts.co.uk>
> > Subject: [VOIPSEC] VOIP security policy
> > To: <Voipsec at voipsa.org>
> > Message-ID:
> >
> <0535CAC7F841F241807D2701024E64B527BCDD at ukclaexc003.express.findel.co.uk
> >
> >
> > Content-Type: text/plain; charset="us-ascii"
> >
> > I am currently writing some VoIP security policy, it's the first time
> I
> > have had to write a VoIP one.
> >
> >
> >
> > Does anyone have example Security policy/guidelines that I could use
> as
> > a template? Or what must essential be included would also be helpful.
> >
> >
> >
> > thanks
> >
> > B.
> >
> >
> >
> >
> >
> > _______________________________________________
> > Voipsec mailing list
> > Voipsec at voipsa.org
> > http://voipsa.org/mailman/listinfo/voipsec_voipsa.org
> >
> _______________________________________________
> Voipsec mailing list
> Voipsec at voipsa.org
> http://voipsa.org/mailman/listinfo/voipsec_voipsa.org
>
> _______________________________________________
> Voipsec mailing list
> Voipsec at voipsa.org
> http://voipsa.org/mailman/listinfo/voipsec_voipsa.org
>
>
>
>
> Information contained in this e-mail and any attachments are
> intended for the use of the addressee only, and may contain
> confidential information of Ubiquity Software Corporation. All
> unauthorized use, disclosure or distribution is strictly prohibited.
> If you are not the addressee, please notify the sender immediately
> and destroy all copies of this email. Unless otherwise expressly
> agreed in writing signed by an officer of Ubiquity Software
> Corporation, nothing in this communication shall be deemed to be
> legally binding. Thank you.
>
>
> _______________________________________________
> Voipsec mailing list
> Voipsec at voipsa.org
> http://voipsa.org/mailman/listinfo/voipsec_voipsa.org
More information about the Voipsec
mailing list