[Asterisk-Dev] Security issue mumblings
Tilghman Lesher
tilghman at mail.jeffandtilghman.com
Sun Nov 6 21:54:32 MST 2005
On Sunday 06 November 2005 13:48, John Todd wrote:
> [sent to -dev first to avoid total devolution into wild speculation
> and nonsense on -users]
>
> http://www.accessintel.com/cgi-bin/press/show.cgi?1130972376
>
> Can anyone here speak more clearly on this otherwise un-useful list
> of assertions as to "security flaws with VoIP" specifically
> referencing Asterisk? The lack of a protocol discussion is
> suspicious - VoIP is not homogenous. The other term of "billing
> code" is also suspicious - I can't recall a "billing code" field in
> my SIP packets. CCM is mentioned - is this an SCCP issue?
>
> Perhaps most importantly (and relevant to -dev) is this an issue
> that can be resolved or patched within Asterisk, or is it that
> Asterisk is being used as the toolset to wedge into other
> platforms?
It is referencing the fact that audio is sent with some gateways
whether or not the call is marked as answered. Essentially, the
argument is that once one end of the VoIP call is compromised, you
can't trust the billing information on either end. The solution
would be to ensure that audio data isn't passed end-to-end until the
call is marked as answered.
An additional problem is that for inband DTMF calls, you may need the
audio path to be established, prior to the call being marked as
answered (such that PIN codes may be entered).
In terms of SIP, the modification might be as simple as never sending
an ACK to a 200, thereby never notifying the remote end that the
answer is confirmed. How that violation of the SIP spec is handled is
obviously implementation-defined.
--
Tilghman
More information about the asterisk-dev
mailing list