Whos on the line
?"> "Anyone with network access can listen in on conversations." True or false, vis a vis SIP VOIP? SIP has the ability to secure the media in the call, so that even if an attacker was handed each and every packet on a silver platter, there is nothing they could do to decrypt it. This is done using Secure RTP (SRTP), which encrypts and authenticates each media packet. Now, the problem is that these techniques are not in widespread usage, in large part because operators and enterprises havent been demanding them. Without any kind of security technique in place to prevent this attack, it can be possible, depending on the type of access network. If the caller and/or called party are on a LAN of some sort that broadcasts traffic (such as an Ethernet hub), the media packets to/from that user will be sent in the clear over that LAN. An attacker with a sniffing tool could then extract them in listen in. What about switched Ethernet?Switched Ethernet is more common in the enterprise these days, but hubs (where everyone sees all the packets on the LAN) are common in homes and smaller enterprises due to their lower cost. What can prevent someone from spoofing the IP address of your phone? Would this spoof your caller ID with it? Is this a true vulnerability? What makes voice less vulnerable than email in this regard? IP address spoofing can be prevented by techniques known as ingress source filtering, which detect packets with out-of-place source IP addresses. That technique has nothing to do with VOIP and is in common usage, though it needs more deployment. That said, spoofing an IP address doesnt, in and of itself, cause a direct attack in SIP. If I send a SIP call setup message and spoof my source address, the called partys phone will ring, but the call wont be able to complete. Of course, I can call you and hang up when you answer without spoofing my source IP address, and achieve the same effect. You cannot equate source IP address spoofing with faking caller ID. They are different things. If SIPs security mechanisms are enabled, it will be impossible for you, using a spoofed source IP address or otherwise, to insert a fake caller ID. Indeed, with those security techniques in place, if you fake a source IP address in a call setup message, the call wont even be able to pass the first SIP proxy. If SIPs security mechanisms are not used, then it is possible to fake my caller ID, yes, just as I can generate fake FROM addresses in email. Many VOIP systems I know of do, in fact, use SIPs security mechanisms to make sure that caller ID is properly authenticated. Indeed, with those security mechanisms properly enabled, caller ID becomes more secure than the telephone network. In the telephone network, I could still tap into a cable under the street, insert a box that receives the messages, and generate fake caller IDs. However, that attack would not be possible when SIPs security features are enabled. So what are some of those SIP security mechanisms? Without going into too much detail, the core of it is something we call "sips". Just like "https" means secure http (i.e., secure web), "sips" means secure SIP. When you make a call using sips, all call signaling traffic flows over SSL/TLS, just like secure web traffic. That brings many security properties. Next Page: VOIP Caller ID?
This makes such attacks much harder to launch, but not impossible. One could insert a tap into the switch and extract traffic. This is a more difficult attack to launch, but its possible. The best way to prevent against such eavesdropping attacks is to enable the SIP security mechanisms that can prevent this (namely, SRTP).