[VOIPSEC] RTP cross-talk; RE: maybe vulnerability at sjphone
Schwarz Albrecht
Albrecht.Schwarz at alcatel-lucent.de
Wed Dec 5 06:09:42 CST 2007
This might be the well-known RTP cross-talk problem, which is documented
for H.248-controlled RTP endpoints in H.Sup5; see clause 5 with respect to
the A, B & C parties:
http://www.itu.int/rec/dologin_pub.asp?lang=e&id=T-REC-H.Sup5-200611-I!!PDF-E&type=items
The problem as such is related to transient effects in resource
management of RTP resources, i.e. it is also relevant for SIP- and
MGCP-controlled RTP endpoints.
Albrecht
> -----Original Message-----
> From: voipsec-bounces at voipsa.org
> [mailto:voipsec-bounces at voipsa.org] On Behalf Of Diana Cionoiu
> Sent: Mittwoch, 5. Dezember 2007 12:11
> To: Sharon Laiv
> Cc: voipsec at voipsa.org
> Subject: Re: [VOIPSEC] maybe vulnerability at sjphone
>
> Hi Sharon,
>
> But this doesn't really help since you can only do that if
> you are a man in the middle, and if you are a man in the
> middle you can replace the RTP anyway.
> Anyway this kind of behavior is normal because all those SIP
> fans believe that RTP should come from anywhere and it should
> go to anywhere.
>
> Diana
>
>
> Sharon Laiv wrote:
> > hi all,
> >
> > I just did the following experiment:
> > I did a regular SIP call between 2 SJPhones (latest release), let's say from IP A to IP B.
> >
> > While in a call, I stopped sending RTP from B to A.
> > Then I started sending RTP from C to A (C is not known to A and was no part of the signaling at all...).
> >
> > As a result, A started to get and render the RTP stream from C and changed its RTP stream to C!!!
> >
> > So without any difficulty I have stolen the stream from A to B....
> > (I guess this is a symmetric RTP like feature that is aimed to help the crossing of NATs)
> >
> > any comments?
> >
> >
> >
> > Thanks,
> > Sharon
> >
> >
> >
> >
> > _______________________________________________
> > Voipsec mailing list
> > Voipsec at voipsa.org
> > http://voipsa.org/mailman/listinfo/voipsec_voipsa.org
> >
>
>
>
>
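The A/B/C experiment in the quoted thread can be modelled on the receiver side. The following is an added example, not code from the thread or from SJphone: a receiver that follows whichever source sends RTP, next to one that only accepts the peer named in the signaling and pins its SSRC. The addresses, the class and the function names are assumptions made for the illustration.

```python
import struct
from dataclasses import dataclass, field

# Constructed sample endpoints (documentation address ranges), not from the thread.
B = ("192.0.2.20", 40000)      # peer negotiated in the signaling
C = ("198.51.100.7", 40000)    # third party that never appeared in the signaling

def parse_rtp(datagram: bytes):
    """Return (seq, ssrc) for an RTP version 2 packet, else None."""
    if len(datagram) < 12:
        return None
    b0, _pt, seq, _ts, ssrc = struct.unpack("!BBHII", datagram[:12])
    return (seq, ssrc) if b0 >> 6 == 2 else None

@dataclass
class RtpReceiver:
    signaled_peer: tuple           # (ip, port) taken from the SDP
    follow_source: bool            # True models the behaviour reported for A
    send_to: tuple = None          # destination of A's own outgoing RTP
    ssrc: int = None               # SSRC pinned on the first accepted packet
    dropped: list = field(default_factory=list)

    def __post_init__(self):
        self.send_to = self.signaled_peer

    def on_packet(self, src: tuple, datagram: bytes) -> bool:
        hdr = parse_rtp(datagram)
        if hdr is None:
            self.dropped.append((src, "not RTP v2"))
        elif self.follow_source:
            self.send_to = src     # re-targets on any sender, as in the experiment
            return True
        elif src != self.signaled_peer:
            # Strict check; behind NAT the signaled address may not match the real source.
            self.dropped.append((src, "source not in signaling"))
        elif self.ssrc not in (None, hdr[1]):
            self.dropped.append((src, "unexpected SSRC"))
        else:
            self.ssrc = hdr[1]
            return True
        return False

def rtp(seq: int, ssrc: int) -> bytes:
    """Build a constructed RTP packet: V=2, PT=0, 160 bytes of payload."""
    return struct.pack("!BBHII", 0x80, 0, seq, seq * 160, ssrc) + bytes(160)

def replay(receiver: RtpReceiver) -> list:
    """B sends two packets and stops, then C starts sending to A."""
    events = [(B, rtp(1, 0xB)), (B, rtp(2, 0xB)), (C, rtp(1, 0xC)), (C, rtp(2, 0xC))]
    return [receiver.on_packet(src, pkt) for src, pkt in events]
```

The `dropped` list is what a monitoring hook would log: each entry is a sender that offered media without having taken part in the signaling.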