[Asterisk-Users] INBAND DTMF G729 ASTERISK

Tzafrir Cohen tzafrir at cohens.org.il
Sat Jun 25 09:09:11 MST 2005


On Fri, Jun 24, 2005 at 11:57:17AM -0400, Julio Arruda wrote:

> 2- Out-of-band is as safe/unsafe as having the conversation recorded, 
> including pin, by the hacker, if no encrypted voice path is being used. 

I haven't given much thought to this earlier, so I hope the following is
not total crap:

in-band is in the data and out-of-band goes in the control stream of
SIP, right? If so, those two may be on different pathes, and it is also
possible to encrypt one and not the other. 

I figure it would make sense to encrypt the control stream alone, and
not waste costly resources on the data stream. FTP/Kerberos and (in a
way) telnet/Kerberos are similar.

/me wander off thinking about the impact of an attacker with just the 
ability to drop arbitrary packets from a VOIP connection.

-- 
Tzafrir Cohen         | tzafrir at jbr.cohens.org.il | VIM is
http://tzafrir.org.il |                           | a Mutt's  
tzafrir at cohens.org.il |                           |  best
ICQ# 16849755         |                           | friend



More information about the asterisk-users mailing list