[VOIPSEC] RTP cross-talk; RE: maybe vulnerability at sjphone

Dan Wing dwing at fuggles.com
Fri Dec 14 13:15:14 CST 2007


Schwarz Albrecht wrote:
> This might be the well-known RTP cross-talk problem, which is documented
> for H.248-controlled RTP endpoints in H.Sup5, see clause 5 wrt to A, B &
> C parties:
> 
> http://www.itu.int/rec/dologin_pub.asp?lang=e&id=T-REC-H.Sup5-200611-I!!PDF-E&type=items
>  
> The problem as such is related to transient effects in resource
> management of RTP resources. I.e. also relevant for SIP, MGCP controlled
> RTP endpoints as well.

A solution to this problem would be to require "C" to initiate an
ICE connectivity check before "A" plays out the media from "C".  This 
would prove that "C" knows the username fragment generated by "A".

-d


> Albrecht
> 
> 
>> -----Original Message-----
>> From: voipsec-bounces at voipsa.org 
>> [mailto:voipsec-bounces at voipsa.org] On Behalf Of Diana Cionoiu
>> Sent: Wednesday, 5 December 2007 12:11
>> To: Sharon Laiv
>> Cc: voipsec at voipsa.org
>> Subject: Re: [VOIPSEC] maybe vulnerability at sjphone
>>
>> Hi Sharon,
>>
>> But this doesn't really help since you can only do that if 
>> you are a man in the middle, and if you are a man in the 
>> middle you can replace the RTP anyway.
>> Anyway this kind of behavior is normal because all those SIP 
>> fans believe that RTP should come from anywhere and it should 
>> go to anywhere.
>>
>> Diana
>>
>>
>> Sharon Laiv wrote:
>>> hi all,
>>>  
>>> I just did the following experiment: 
>>> I did a regular SIP call between 2 SJPhones (latest release), let's say from IP A to IP B.
>>>  
>>> While in a call, I stopped sending RTP from B to A.
>>> Then I started sending RTP from C to A (C is not known to A and was no part of the signaling at all...).
>>>  
>>> As a result, A started to get and render the RTP stream from C and changed its RTP stream to C!!!
>>>  
>>> So without any difficulty I have stolen the stream from A to B....
>>> (I guess this is a symmetric RTP like feature that is aimed to help the crossing of NATs)
>>>  
>>> any comments?
>>>  
>>>
>>>  
>>> Thanks,
>>> Sharon
>>>
>>>
>>>       
>>>

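The ICE-check approach suggested in the reply above, as an added illustration (not code from the thread or from any product discussed): a receive-side gate for "A" that plays RTP only from a source address that first sent a STUN Binding Request naming A's username fragment. It goes one step beyond the ufrag by also verifying MESSAGE-INTEGRITY with A's password, following the RFC 5389 short-term credential rules that ICE uses; `MediaGate`, `build_check`, `check_is_valid` and every ufrag, password and address value are hypothetical and constructed.

```python
import hashlib, hmac, struct

MAGIC, BINDING_REQUEST = 0x2112A442, 0x0001      # STUN cookie and method (RFC 5389)
USERNAME, MESSAGE_INTEGRITY = 0x0006, 0x0008     # STUN attribute types

def _mac(password, head):
    # HMAC-SHA1 over the bytes before MESSAGE-INTEGRITY, with the header length
    # rewritten to end right after that 24-byte attribute (RFC 5389, 15.4).
    fixed = head[:2] + struct.pack("!H", len(head) - 20 + 24) + head[4:]
    return hmac.new(password.encode(), fixed, hashlib.sha1).digest()

def build_check(username, password, txid=b"\x00" * 12):
    """Constructed sample input: the Binding Request a peer sends to A."""
    user = username.encode()
    attr = struct.pack("!HH", USERNAME, len(user)) + user + b"\x00" * (-len(user) % 4)
    head = struct.pack("!HHI", BINDING_REQUEST, len(attr) + 24, MAGIC) + txid + attr
    return head + struct.pack("!HH", MESSAGE_INTEGRITY, 20) + _mac(password, head)

def check_is_valid(msg, local_ufrag, local_pwd):
    """True if msg is a Binding Request naming our ufrag with a valid MAC."""
    if len(msg) < 20:
        return False
    mtype, mlen, cookie = struct.unpack("!HHI", msg[:8])
    if mtype != BINDING_REQUEST or cookie != MAGIC or mlen != len(msg) - 20:
        return False
    pos, user_ok = 20, False
    while pos + 4 <= len(msg):
        atype, alen = struct.unpack("!HH", msg[pos:pos + 4])
        value = msg[pos + 4:pos + 4 + alen]
        if len(value) != alen:
            return False                          # truncated attribute
        if atype == USERNAME:                     # "<receiver ufrag>:<sender ufrag>"
            user_ok = value.split(b":")[0] == local_ufrag.encode()
        elif atype == MESSAGE_INTEGRITY:
            mac = _mac(local_pwd, msg[:pos])
            return user_ok and alen == 20 and hmac.compare_digest(value, mac)
        pos += 4 + alen + (-alen % 4)
    return False                                  # no MESSAGE-INTEGRITY present

class MediaGate:
    """A's receive path: play RTP only from sources that passed a check."""
    def __init__(self, ufrag, pwd):
        self.ufrag, self.pwd, self.validated = ufrag, pwd, set()
    def on_packet(self, src, data):
        if data and data[0] < 4:                  # STUN: top bits zero; RTP v2 is >= 0x80
            if check_is_valid(data, self.ufrag, self.pwd):
                self.validated.add(src)
            return "stun"
        return "play" if src in self.validated else "drop"
```

With this gate, RTP arriving from an address that never completed a check is dropped instead of being rendered or latched onto as the new remote.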