27C3 - Version 1.6.3

27th Chaos Communication Congress
We come in peace

Tag Day 4 - 2010-12-30
Raum Saal 3
Beginn 17:15
Dauer 01:00
ID 4193
Veranstaltungstyp Vortrag
Track Hacking
Sprache der Veranstaltung englisch

Having fun with RTP

„Who is speaking???“

A lot of people are interested and involved in voice over IP security. Most of the effort is concentrated on the security of the signalling protocols. This talk is focussing on the security of the voice part involved in todays voice over IP world. It is the result of the questions that I had to ask myself while i was debugging audio quality problems of customers and implementing a RTP stack from scratch.

The talk gives an introduction on the shortcomings of the Realtime Transport Protocol (RTP), how systems attempt to work around them and how they introduce security vulnerabilites. A few short demonstrations will give an idea on how they can be exploited in the real world (denial of service, man in the middle attacks, call redirection). The last part of the talk will discuss some solutions to fix those vulnerabilities.

Archived page - Impressum/Datenschutz