[asterisk-dev] the strictrtp feature is almost useless
Simon Perreault
simon.perreault at viagenie.ca
Thu Oct 14 16:01:33 CDT 2010
On 2010-10-14 16:52, Kevin P. Fleming wrote:
> "Surely"? The point we've been trying to make here is that that the
> receiver of the stream has *zero* information it can use to determine
> whether the stream is arriving from a legitimate source, in the case
> where the receiver is expected to support comedia (NAT) mode.
Folks, Kevin is right as always. RTP is insecure. Deal with it.
It's fixed in 1.8 with SRTP.
Simon
--
NAT64/DNS64 open-source --> http://ecdysis.viagenie.ca
STUN/TURN server --> http://numb.viagenie.ca
vCard 4.0 --> http://www.vcarddav.org
More information about the asterisk-dev
mailing list