[Asterisk-Users] INBAND DTMF G729 ASTERISK

Julio Arruda jarruda-asterisk at jarruda.com
Fri Jun 24 08:57:17 MST 2005


denis at isolve.com.br wrote:
>>On Thursday 23 June 2005 19:57, Brian West wrote:
>>
>>>With inband its at least not sent in clear text.
>>
>>It's trivial to pull DTMF out of an inband stream too.  Perhaps not AS
>>trivial
>>but just the same, you should be using SRTP if you're paranoid about this
>>kind of thing.
> 
> 
> We are on a real world... Every cyber cafe has its own little
> hacker/cracker that is sniffing out... A simple ethereal capture could
> give me a bank pin number... It is REALLY trivial!

I think the point(s) the others are trying to make:

1- It is not feasible to use inband in G.729 (or, as far as I know, any 
other compressed codec), and that is final. Other than that.

2- Out-of-band is as safe/unsafe as having the conversation recorded, 
including pin, by the hacker, if no encrypted voice path is being used. 
as others mentioned, DTMF tones would be very "obvious" in a trace 
(maybe someone may want to post an example). Remember, if the other end 
need to be able to "regenerate" the DTMF info, it MUST be present in the 
stream, so is as easy/hard as the other endpoint 'decoding' it.

PS: I seem to recall some Voice over data products that would upspeed to 
G.711, upon detecting of DTMF tones, this may have given someone the 
wrong impression, that the DTMF was being sent as G.729, when it was not 
in fact.
[], <O-O>







More information about the asterisk-users mailing list