[Serusers] RTP Wiretapping

Jiri Kuthan jiri at iptel.org
Fri Mar 4 22:46:47 CET 2005 

We have built such. -jiri

At 12:35 AM 3/4/2005, Java Rockx wrote:
>Jiri,
>
>Do you think ser will eventually acquire wiretapping capabilities?
>
>Regards,
>Paul
>
>
>On Thu, 3 Mar 2005 17:18:32 -0500, Terry Mac Millan <serweb at finian.net> wrote:
>> If the modified RTP and non-modified RTP modules are on the same machine and
>> most regular calls are already making use of the RTP, then the IP's
>> shouldn't change at all. So the parties involved in the tapping will still
>> see the same IP address at the providers end, which shouldn't give it away
>> if they are being tapped.
>> 
>> It would be nice to ignore, but when the authorities come to the front desk
>> with orders to tap and collect, there needs to be a means to do that so that
>> you don't end up getting slapped with an Obstruct justice charge. So there
>> does need to be a method available, or work around, to impliment to comply
>> with the orders.
>> 
>> Terry
>> ----- Original Message -----
>> From: "Jiri Kuthan" <jiri at iptel.org>
>> To: "Java Rockx" <javarockx at gmail.com>; <ser at cannes.f9.co.uk>
>> Cc: <serusers at lists.iptel.org>
>> Sent: Thursday, March 03, 2005 4:01 PM
>> Subject: Re: [Serusers] RTP Wiretapping
>> 
>> > The challenge with this approach is how you make intercepted calls
>> > non-distinguishable from regular calls. The intercepted party may
>> > watch signaling and notice service provider's IP addresses. Also,
>> > the quality may degrade through use of RTP relay.
>> >
>> > A possible option is to ingore this problem.
>> >
>> > Other option would be to implement interception in edge routers.
>> > Obviously, it is not an easy one.
>> >
>> > -jiri
>> >
>> > At 01:16 PM 3/2/2005, Java Rockx wrote:
>> > >I was thinking about having a group called "spy" in the grp table and
>> > >anyone with this ACL would be sent to a modified mediaproxy that would
>> > >capture the RTP.
>> > >
>> > >User that don't have the "spy" ACL would be handled normally and if
>> > >NAT traversal is needed then use an unmodified media proxy.
>> > >
>> > >Regards,
>> > >Paul
>> > >
>> > >
>> > >On Wed, 2 Mar 2005 08:00:24 -0000, Chris <ser at cannes.f9.co.uk> wrote:
>> > >> Why not use a from/to etc detection in .cfg (using database...)
>> > >> to trigger a remote proxy through the requesting agency
>> > >> They then have the capture issue
>> > >> and you have no monitor or delivery issues?
>> > >> Might require conditions of their placement of a proxy?
>> > >> (but is their problem)
>> > >> Regards
>> > >> Chris
>> > >>
>> > >> -----Original Message-----
>> > >> From: serusers-bounces at iptel.org [mailto:serusers-bounces at lists.iptel.org] On
>> > >> Behalf Of Java Rockx
>> > >> Sent: 26 February 2005 14:29
>> > >> To: serusers at lists.iptel.org
>> > >> Subject: [Serusers] RTP Wiretapping
>> > >>
>> > >> Hi All.
>> > >>
>> > >> I'm located in the US and would like to comply with the Communications
>> > >> Assistance for Law Enforcement Act (CALEA) that Congress passed which
>> > >> basically says that VoIP providers should have the ability to wiretap
>> > >> conversations for the FBI upon request.
>> > >>
>> > >> I use mediaproxy for NAT traversal. So my question is how can I be
>> > >> CALEA compliant? I assume I should be able to modify mediaproxy to
>> > >> write RTP streams to disk, but I'm unclear on how to "mix" both sides
>> > >> of the conversation.
>> > >>
>> > >> Can anyone help with a suggestion?
>> > >>
>> > >> Regards,
>> > >> Paul
>> > >>
>> > >> _______________________________________________
>> > >> Serusers mailing list
>> > >> serusers at lists.iptel.org
>> > >> http://lists.iptel.org/mailman/listinfo/serusers
>> > >>
>> > >> --
>> > >> No virus found in this incoming message.
>> > >> Checked by AVG Anti-Virus.
>> > >> Version: 7.0.300 / Virus Database: 266.5.0 - Release Date: 25/02/2005
>> > >>
>> > >> --
>> > >> No virus found in this outgoing message.
>> > >> Checked by AVG Anti-Virus.
>> > >> Version: 7.0.300 / Virus Database: 266.5.2 - Release Date: 28/02/2005
>> > >>
>> > >>
>> > >
>> > >_______________________________________________
>> > >Serusers mailing list
>> > >serusers at lists.iptel.org
>> > >http://lists.iptel.org/mailman/listinfo/serusers
>> >
>> > --
>> > Jiri Kuthan            http://iptel.org/~jiri/
>> >
>> > _______________________________________________
>> > Serusers mailing list
>> > serusers at lists.iptel.org
>> > http://lists.iptel.org/mailman/listinfo/serusers
>> >
>> >
>> 
>>

--
Jiri Kuthan            http://iptel.org/~jiri/

More information about the sr-users mailing list