[VOIPSEC] Eavesdropping on RTP - its UNLIKELY ?
Derek MacmUrchy
macmurchy at mail2web.com
Tue Mar 20 18:38:03 CDT 2007
Hello,
How vulnerable is an unencrypted RTP stream to eavesdropping?
Using the following scale:
- HIGHLY PROBABLE. It is easy to exploit the vulnerability
and there is little or no protection in place.
- POSSIBLE. The vulnerability might be exploited, but some
protection is in place.
- UNLIKELY. The vulnerability is hard to exploit and the protection in
place is good.
I believe that for average-value traffic it is at most a POSSIBLE, maybe an UNLIKELY. I believe this for two reasons:
- It is not that likely that an attacker will get in a position where they can access network flows; OK, maybe the insider-on-the-LAN scenario and Wi-Fi are possibilities, but other than that it's not really likely.
- Even if the attacker accesses the network stream, they still require the correct codec to listen to the voice stream. This may not be all that simple, as there is a significant number of proprietary codecs which attackers may well not have access to. I know this is security by obscurity, but it might reduce the risk.
Any thoughts?
Of course, I still think SRTP complemented by good standard key agreement and authentication protocols is a must-have.
Laters
Derek