[SR-Users] Eavesdropping SRTP sessions
Jesús Pérez Rubio
jesus.perez at quobis.com
Tue Nov 27 23:16:29 CET 2012
Hi, If you are using SRTP your conversations will be encrypted, so nobody
could eavesdrop it. Only if your Kamailio was compromised they could be
eavesdropped.
I think you are confusing SRTP (media) with signaling (SIP). You should
implement SIP over TLS too, it makes no sense to use SRTP without encrypt
signaling. If not, it could be possible to sniff conversations with a MiTM
but, anyway, I don't know any tool which supports it.
Here I speak a bit about VoIP encryption, I think it could help you:
http://nicerosniunos.blogspot.com.es/2011/08/voip-eavesdropping-counter-measurements.html
Best regards.
2012/11/27 Mino Haluz <mino.haluz at gmail.com>
> Hi,
>
> maybe it is not that kamailio related question, but I dont know any other
> place with such good voip professionals ;) I have kamailio and mediaproxy.
> Clients are BudgetTone 200 (Grandstream) and CSipSimple. I am forcing
> clients to use SRTP but it does not support adding any certificate on both
> sides. SRTP call is working fine.
>
> The question is, in this case, is man-in-the-middle attack possible? Maybe
> I should study SRTP more, but basically, if there are no certificates,
> there is no method how to be 100% sure that the media goes directly between
> clients. Is it true?
>
> Thanks for response,
> Mino
>
> _______________________________________________
> SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list
> sr-users at lists.sip-router.org
> http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users
>
>
--
Jesús Pérez
VoIP Engineer at Quobis
Fixed: +34 902 999 465
Site: http://www.quobis.com
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.sip-router.org/pipermail/sr-users/attachments/20121127/733728f9/attachment-0001.htm>
More information about the sr-users
mailing list