Re: [PLUG] VoIP

William H. Magill on 11 Jul 2004 00:13:02 -0000

[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

Re: [PLUG] VoIP

From: "William H. Magill" <magill@mcgillsociety.org>

To: plug@lists.phillylinux.org

Subject: Re: [PLUG] VoIP

Date: Sat, 10 Jul 2004 20:12:04 -0400

Reply-to: plug@lists.phillylinux.org

Sender: plug-admin@lists.phillylinux.org

On 10 Jul, 2004, at 18:35, Paul wrote:

What about security? Could someone sniff the traffic and listen in on your calls? Is this less likely than someone using a scanner to listen to cordless phone traffic?

VOIP is as easy to scan and sniff as any other IP service. Just as susceptible to man-in-the-middle attacks.

But what is the occurrence of REAL IP based attacks? (not email based crap aimed at Microsoft!)

I haven't seen any numbers, but because the level of sophistication needed to perpetrate them is quit high, one would assume that except on your "segment," IP packet sniffing is rare to extremely rare. If a router can be compromised, then you can do it fairly easily, but you first have to know which router and then to compromise it. (On your "segment," promiscuous mode would make sniffing such traffic trivial, probably even listening to it. Note that this is even possibly how one might implement "conference calling" on the cheap! )

It's not that it can't be done, but the people who are capable of doing it "easily" are going to want to listen in to Bill Clinton's calls to Monica, not yours to your girlfriend.

The only references I can find on Vonage's sites to "security" have to deal with "customer information on its network." Which is NOT your phone call... and especially NOT while the packets are outside "its network."

Since Vonage says nothing about encryption technologies being used, one would have to assume that a VoIP call across the internet is no more secure than any telnet connection ever was/is. ... Can you do VoIP via ssh or other Vlan technology? I would assume that it is possible, but it does not appear that Vonage touts such a capability.

T.T.F.N. William H. Magill # Beige G3 - Rev A motherboard - 768 Meg # Flat-panel iMac (2.1) 800MHz - Super Drive - 768 Meg # PWS433a [Alpha 21164 Rev 7.2 (EV56)- 64 Meg]- Tru64 5.1a # XP1000 [Alpha EV6] magill@mcgillsociety.org magill@acm.org magill@mac.com

___________________________________________________________________________ Philadelphia Linux Users Group -- http://www.phillylinux.org Announcements - http://lists.phillylinux.org/mailman/listinfo/plug-announce General Discussion -- http://lists.phillylinux.org/mailman/listinfo/plug

Follow-Ups:

Re: [PLUG] VoIP
From: "Michael C. Toren" <mct@toren.net>

References:

Re: [PLUG] VoIP
From: Paul <gyoza@comcast.net>

Prev by Date: Re: [PLUG] Set DNS server for ping?

Next by Date: Re: [PLUG] VoIP

Previous by thread: Re: [PLUG] VoIP

Next by thread: Re: [PLUG] VoIP

Index(es):

Date

Thread