VoIP Can Be Sniffed? Get Real!
Filed in archive Dangers by Dameon Welch-Abemathy on November 27, 2007

Back in March of 2004, I wrote a fairly detailed piece for Voxilla about VoIP and security issues. There are several things I did not cover in this rather lengthy article, reading back on it now, but some things remain true with SIP. More after the jump.
- Call Information Goes In The Clear: Yes with SIP, whom you are and whom you're calling does go in the clear. Yes, you can use Transport Layer Security (TLS) to encrypt this information.
- The Voice Data Goes In The Clear: What you're saying also goes in the clear as well. This can be mitigated by using SRTP to encrypt the data portion of the call.
Even if you don't employ encryption for either the call control information or the voice channel, here's the real truth: Unless you can somehow see all the traffic between the two parties, you can't sniff a VoIP call. And you know what? That's difficult to do. As I wrote in 2004:
In order to actually intercept the call setup or voice data for an in-progress SIP call, you have to be at a location where the call is traveling through, either at the telephone service provider or the ISP. Since it's possible for a connection to change routes midstream, there are only a couple of points where it is practical to intercept a SIP call: On either the SIP client or proxy's premises, or at the ISP used by either endpoint. This isn't unique to SIP: a PSTN call can be intercepted in similar locations.
If you're looking for more meat, Mr Blog's got it.
Bottom line: This SIPtap thing is overblown. Not only is it infeasible to employ, it can easily be worked around by employing encryption. What do you think?
Permalink: VoIP Can Be Sniffed? Get Real!
Tags:
voip+security
siptap
voip
2007
call
sniffed+real
voip+sniffed
openads+delivery
Trackback: http://www.creative-weblogging.com/cgi-bin/mt-tb.pl/103802

Mr Wong
