A Broadband and ADSL forum. BroadbanterBanter

Welcome to BroadbanterBanter.

You are currently viewing as a guest which gives you limited access to view most discussions and other FREE features. By joining our free community you will have access to post topics, communicate privately with other members (PM), respond to polls, upload your own photos and access many other special features. Registration is fast, simple and absolutely free so please, join our community today.

Go Back   Home » BroadbanterBanter forum » Newsgroup Discussions » uk.telecom.voip (UK VOIP)
Site Map Home Register Authors List Search Today's Posts Mark Forums Read Web Partners

uk.telecom.voip (UK VOIP) (uk.telecom.voip) Discussion of topics relevant to packet based voice technologies including Voice over IP (VoIP), Fax over IP (FoIP), Voice over Frame Relay (VoFR), Voice over Broadband (VoB) and Voice on the Net (VoN) as well as service providers, hardware and software for use with these technologies. Advertising is not allowed.

VOIP secure ??



 
 
Thread Tools Display Modes
  #1  
Old March 31st 07, 12:10 AM posted to uk.telecom.voip
Stephane M
external usenet poster
 
Posts: 54
Default VOIP secure ??

Hi,

I just wonder if a communication is really secure ?

I mean, suppose that 2 peoplse connected to their own ASTERISK server,
and 2 users are connected to this server...

What do you think about the link between the phone and the server ?
(Usually using SIP protocol)
- Is that easy to intercept communications ?
- Is there a way to encrypt SIP communications ? if so, how can we do that ?

Thanks

Stephane
  #2  
Old March 31st 07, 12:07 PM posted to uk.telecom.voip
alexd
external usenet poster
 
Posts: 1,765
Default VOIP secure ??

Stephane M wrote:

Hi,

I just wonder if a communication is really secure ?

I mean, suppose that 2 peoplse connected to their own ASTERISK server,
and 2 users are connected to this server...

What do you think about the link between the phone and the server ?
(Usually using SIP protocol)


There's SRTP. It would need to be explicitly supported by the handsets, and
you'll probably have to re-compile Asterisk with libsrtp support:

http://www.e164.org/wiki/AsteriskSRTP

which looks "fun":

http://bugs.digium.com/view.php?id=5413

It's not entirely clear, however, that the plaintext SIP bit is encrypted -
so whilst your voice [RTP] will be encrypted, your signalling may not be.

- Is that easy to intercept communications ?


It Depends. Are the people spying on you on your LAN? Does your VoIP traffic
go out over the public internet?

- Is there a way to encrypt SIP communications ? if so, how can we do that


If your calls are traversing the internet, you'd probably find it easiest to
use a VPN tunnel.

--
http://ale.cx/ (AIM:troffasky) )
11:50:26 up 1 day, 3:37, 2 users, load average: 0.84, 0.63, 0.57
Yes. I'm just guessing.

  #3  
Old March 31st 07, 01:01 PM posted to uk.telecom.voip
Tim
external usenet poster
 
Posts: 385
Default VOIP secure ??

Stephane M wrote:
Hi,

I just wonder if a communication is really secure ?


Standard installations aren't very secure.

The RTP (audio data) is not encrypted.

The SIP (call setup signalling) is not encrypted and not authenticated.

Often people use weak passwords on their SIP servers


I mean, suppose that 2 peoplse connected to their own ASTERISK server,
and 2 users are connected to this server...

What do you think about the link between the phone and the server ?
(Usually using SIP protocol)
- Is that easy to intercept communications ?


If you can wireshark the network between the 2 end points, it is very
easily to get details of the calls.

But whether anybody would or not is another matter.


- Is there a way to encrypt SIP communications ? if so, how can we do
that ?


yes. SRTP - will protect the audio stream. SIPS will encrypt and
authenticate the SIP messages.

Snom phones support both SIPS and SRTP. I'm not sure about asterisk
support for security - I've never seen it working.


If I were looking for more secure communications, I would use a more
traditional SIP registrar, rather than asterisk. With SIPS enabled on
the server, and SRTP on the phones. Then audio data goes point to
point, rather than through the Asterisk server.


Tim
  #4  
Old March 31st 07, 09:18 PM posted to uk.telecom.voip
Desk Rabbit
external usenet poster
 
Posts: 169
Default VOIP secure ??

Stephane M wrote:
Hi,

I just wonder if a communication is really secure ?

I mean, suppose that 2 peoplse connected to their own ASTERISK server,
and 2 users are connected to this server...


It can be. I have an Asterisk box as my main PBX at work. I also have
one at home. The two are connected together over a VPN so all the
traffic that passes over the Internet between the boxes is encrypted.
  #5  
Old April 1st 07, 04:33 PM posted to uk.telecom.voip
Stephane M
external usenet poster
 
Posts: 54
Default VOIP secure ??

Desk Rabbit a écrit :
Stephane M wrote:
Hi,

I just wonder if a communication is really secure ?

I mean, suppose that 2 peoplse connected to their own ASTERISK server,
and 2 users are connected to this server...


It can be. I have an Asterisk box as my main PBX at work. I also have
one at home. The two are connected together over a VPN so all the
traffic that passes over the Internet between the boxes is encrypted.



but that mean that I need necessary to use a VPN connection !?!??

that would be nice to be able to use an ecrypted communication, even if
you want to use an VoIP provider... and I can't see how you could change
a setting for instance, on your 'hard' phone....

but thanks The VPN is effectively a solution......

And I can't see how to use a SIPS or SRTP protocol on a SPA941 for
instance.... can you !??!

Stephane
  #6  
Old April 1st 07, 09:08 PM posted to uk.telecom.voip
Tim
external usenet poster
 
Posts: 385
Default VOIP secure ??

Stephane M wrote:
And I can't see how to use a SIPS or SRTP protocol on a SPA941 for
instance.... can you !??!


They might do SRTP. I can check tomorrow.

I also believe that newer firmware on the Linksys products support SIP
over TCP. Which is a step on the way to SIPS.

SIPS always uses TCP.

Usually, you tell a device to attempt TCP or SIPS by having an
appropriate SRV record in place for the domain in question.

Tim
 




Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)
 
Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

vB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
How secure is SIP ? Doz uk.telecom.voip (UK VOIP) 5 August 25th 06 10:33 AM
Is Pc behind ICS nat pc fairly secure? ff uk.comp.home-networking (UK home networking) 6 March 11th 05 06:37 PM
Wep not secure - trust me wps uk.comp.home-networking (UK home networking) 7 February 26th 05 06:29 PM
How secure is WEP? Tony uk.comp.home-networking (UK home networking) 1 July 14th 04 07:19 PM
How secure is my wireless network....? Tony P uk.comp.home-networking (UK home networking) 21 June 10th 04 07:42 PM


All times are GMT +1. The time now is 09:20 PM.


Powered by vBulletin® Version 3.6.4
Copyright ©2000 - 2019, Jelsoft Enterprises Ltd.Content Relevant URLs by vBSEO 2.4.0
Copyright ©2004-2019 BroadbanterBanter.
The comments are property of their posters.