Chapter 6. Media Protection Mechanisms

Any multimedia application—such as video, voice, or gaming—uses a distinct set of protocols to set up sessions between end points (for example, SIP, H.323) and a distinct protocol to transmit the media streams. The standard protocol used to exchange media streams is RTP1 (Real Time Protocol), which is defined in RFC 3550. As discussed in Chapter 3, “Threats and Attacks,” RTP streams can be intercepted and manipulated in order to perform various attacks. Although IPSec can be used to protect RTP, its limitations require a more scalable and versatile solution that alleviates the NAT traversal issue, dynamic allocation of sessions,2 and the need for a PKI. This has led to the development of SRTP3 (Secure Real ...

Get Securing VoIP Networks: Threats, Vulnerabilities, and Countermeasures now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.