[asterisk-dev] the strictrtp feature is almost useless

Simon Perreault simon.perreault at viagenie.ca
Thu Oct 14 16:01:33 CDT 2010

On 2010-10-14 16:52, Kevin P. Fleming wrote:
> "Surely"? The point we've been trying to make here is that that the
> receiver of the stream has *zero* information it can use to determine
> whether the stream is arriving from a legitimate source, in the case
> where the receiver is expected to support comedia (NAT) mode.

Folks, Kevin is right as always. RTP is insecure. Deal with it.

It's fixed in 1.8 with SRTP.

NAT64/DNS64 open-source --> http://ecdysis.viagenie.ca
STUN/TURN server        --> http://numb.viagenie.ca
vCard 4.0               --> http://www.vcarddav.org

More information about the asterisk-dev mailing list