[VOIPSEC] VoIP Attack : How feasible

info+lucretia.ca info at lucretia.ca
Fri Jul 28 23:42:27 BST 2006 

First sign of sanity on this thread.  Is there a purpose to this or is this
simply troll-bait?

James Friesen, CIO
Lucretia Enterprises
Our World Is Here
info at lucretia dot ca
http://lucretia.ca


> -----Original Message-----
> From: Voipsec-bounces at voipsa.org
> [mailto:Voipsec-bounces at voipsa.org] On Behalf Of Volker Tanger
> Sent: Friday, July 28, 2006 12:06 PM
> To: Voipsec at voipsa.org
> Subject: Re: [VOIPSEC] VoIP Attack : How feasible
>
> On Fri, 28 Jul 2006 15:34:19 +0800
> Simon Horne <s.horne at packetizer.com> wrote:
>
> > VPNs do not provide end to end authentication.
>
> Maybe if you are using net2net VPNs - if using host2host
> (end2end) VPNs, then they do. At least for the IP connection, that is.
>
>
> > VPNs do not provide end to end encryption.
>
> See above.
>
>
> > VPNs do not provide efficient NAT Traversal.
>
> If using UDP-encapsulated IPSec or OpenVPN, they do. It's
> just plain UDP traffic then, no problem to NATify in any way.
>
>
> > traversing NAT which excludes methods like UPnP from being a
> > functional solution
>
> *ahem*  UPnP is not a functional solution for quite a lot of
> stuff it does. It is especially unusable for corporate
> environments - with UPnP-enabled "firewalls" any client can
> configure any port-forwarding from outside to inwards which
> is exactly what you do not want on a corporate firewall.
>
>
> > In 10 years of VoIP NAT and security development and after
> truckloads
> > of  publicized RFC's and white papers why are we still
> talking about
> > VPN's?  Surely there must be better solutions that can be deployed
> > today. There is,  just they are not available in SIP.
>
> ...or any other VoIP protocols that rely on symmetric RTP as
> transport mechanism (which needs helper protocols and stuff
> for NATability).
>
> Bye
>
> Volker
>
>
> --
>
> Volker Tanger    http://www.wyae.de/volker.tanger/
> --------------------------------------------------
> vtlists at wyae.de                    PGP Fingerprint
> 378A 7DA7 4F20 C2F3 5BCC  8340 7424 6122 BB83 B8CB
>
> _______________________________________________
> Voipsec mailing list
> Voipsec at voipsa.org
> http://voipsa.org/mailman/listinfo/voipsec_voipsa.org
>
>

More information about the Voipsec mailing list