Chapter 6. Media Protection Mechanisms

Any multimedia application—such as video, voice, or gaming—uses a distinct set of protocols to set up sessions between end points (for example, SIP, H.323) and a distinct protocol to transmit the media streams. The standard protocol used to exchange media streams is RTP1 (Real Time Protocol), which is defined in RFC 3550. As discussed in Chapter 3, “Threats and Attacks,” RTP streams can be intercepted and manipulated in order to perform various attacks. Although IPSec can be used to protect RTP, its limitations require a more scalable and versatile solution that alleviates the NAT traversal issue, dynamic allocation of sessions,2 and the need for a PKI. This has led to the development of SRTP3 (Secure Real ...

Get Securing VoIP Networks: Threats, Vulnerabilities, and Countermeasures now with O’Reilly online learning.

O’Reilly members experience live online training, plus books, videos, and digital content from 200+ publishers.