[VOIPSEC] Help: Using SRTP for university project
M Rizal B Azmi
leadxr at yahoo.com
Fri Mar 17 04:28:27 CST 2006
The internet at my university doesn't allow UDP port 5060 to pass through so I am currently trying to utilize Brekeke OnDO SIP Server to act as the proxy. I have configured the proxy according to their manual. But I am unsure as to whether this configuration would work:
- OnDO SIP Server on PC1
- MiniSIP UA1 on PC1
- MiniSIP UA2 on PC2
Or do I need to have the SIP server on another PC? With the above setting, I am able to get both MiniSIP UAs to register on the proxy but no calls can be made from/to both sides. The only other SRTP-enabled UA i know of, Snom 360 Softphone, faces the same problem.
Also, I find that the 'Register' (right-click in the 'Accounts' menu) as well as the 'r' command in the command prompt of MiniSIP doesn't register the SIP URI. The UA has to be restarted in order to register an account. I assume it's a bug but doesn't pose much of a real problem I guess.
Cesc Santasusana <cesc.santasusana at nl.thalesgroup.com> wrote: MiniSIP needs an outbound proxy ... get free accounts at fwd.pulver.com,
for example ...
In the security tabs, one is pre-shared key scheme (that is, you just
need a passwd) ... Mikey DH (diffie Hellman) you need to create client
certificates ... which i think for now you don't want to.
As for the mikey library ... of course you don't need to do anything
else ...
Cesc
PS - Note that the windows version is under-test ... thus you may come
across several problems (some of them known in the Mikey part) ... Under
linux things run smoother ... we are working to repair this.
Unclassified
>>> M Rizal B Azmi 03/14/06 01:44pm >>>
I have already installed the binary version for windows. The security
settings tab in Preferences lists two key-exchanges. What is the
difference between the two and which one do I choose? I am however not
at my university at this moment and have installed the minisip UAs on 2
laptops interconnected via cross cables. Would this kind of setup be
usable for making direct SIP calls or do I need to be connected to an
SIP provider to establish a call?
Also, since minisip already has an MIKEYlibrary dll installed, I would
assume that I do not need to compile a seperate MIKEY library. Thanks
again for the support.
Regards,
Rizal
Cesc Santasusana wrote: In the
web page, see the "For developers" site.
You need to get the sources directly from the subversion repository.
Once you have them, in the Documentation/crosscompile/windows-mingw32
..... you'll find a step by step process. It is not easy, but if you
have
experience with linux and compilation, it should not be very
difficult.
On the other hand, we are working to bring autobuilding online ... so
that the binary packages would be always up to date ... but i have no
ETA as to when is it going to happen.
As to answering the rest ... a binary version for minisip can be found
in the webpage: "Download" -> Windows XP ... together with
instructions.
And we have never tried cygwin ... but there is no need, it runs
natively in both linux and windows ... so...
Regards,
Cesc
Unclassified
>>> M Rizal B Azmi 03/12/06 02:23pm >>>
Hi all,
Thanks for the many responses. Cesc, I have visited and downloaded the
miniSIP lib files from the website. However, I didn't find any
instructions for compiling and running the application under win XP.
Can
I simply use an emulator like cygwin?
Thanks & regards,
Rizal
Cesc Santasusana wrote: This is a
repeat ... i just replied to the wrong subject email :)
miniSIP (www.minisip.org, see instructions for SVN repository) does
SRTP with MIKEY key
exchange for a long time now. The mikey works very well
between minisips, and some testing has been done with libSRTP with no
major problems.
And since a couple months ago it also runs on windows XP/2000 boxes
and
a windows mobile 2003
port is almost ready.
Regards,
Cesc
Unclassified
>>> M Rizal B Azmi 03/09/06 10:21pm >>>
Hi all,
I'm doing a university project on VoIP security. It's purpose is to
analyze the impact of basic VoIP security measures on performance.
Currently the scope is focusing on SRTP as it doesn't effect QoS. The
only software phone I know which supports SRTP is the the Snom 360
Softphone. However, I can't seem to make it dial or receive any VoIP
calls. Snom support hasn't replied as of now.
My only other option is to use libSRTP but I do not understand how
to
utilize it as my programming knowledge is very low. So far I managed
to
compile it using cygwin but am stuck as to what to do next. After
applying SRTP, I would analyze the traffic using Ethereal and attempt
some packet sniffing to prove its functionality. The experimentation is
done at my uni lab with the following setup:
- Analog Telephones (Generic � 2 units)
- Analog Voice Modules (Cisco NM-2V � 2 units installed in
routers)
- Routers (Cisc
o 3725 Multiservice Access Router � 2 units)
- Switches (Intel Express 410T & Cisco 3550 Catalyst � 2 units)
- Desktop PCs (Compaq Evo D510 � Multiple units)
- Switches (Intel Express 410T & Cisco 3550 Catalyst � 2 units)
The two routers are interconnected via serial cable. Others are
connected using basic Ethernet UTP cables. Its a very basic setup of
two connected networks. (Not sure how to post the connection diagram in
here)
Thanks in advance for your assistance.
Regards,
M Rizal B Azmi
---------------------------------
Yahoo! Mail
Bring photos to life! New PhotoMail makes sharing a breeze.
_______________________________________________
Voipsec mailing list
Voipsec at voipsa.org
http://voipsa.org/mailman/listinfo/voipsec_voipsa.org
---------------------------------
Yahoo! Mail
Bring photos to life! New PhotoMail makes sharing a breeze.
---------------------------------
..: Beta :.
www.myspace.com/BetaRawks
www.i-bands.net/audiovault/Beta
---------------------------------
Relax. Yahoo! Mail virus scanning helps detect nasty viruses!
---------------------------------
Yahoo! Mail
Bring photos to life! New PhotoMail makes sharing a breeze.
More information about the Voipsec
mailing list