Koozali.org: home of the SME Server

security, black listening

Offline edeganay

  • ***
  • 102
  • +0/-0
security, black listening
« on: March 18, 2008, 12:10:00 PM »
I've been asking what is the risk of been hacked and conversations been taped from an intruder ? (sme, sail, sip trunkline)

to you, what could be done to achieve this ? or, what could be done to avoid this !

thanks,
Edd

Offline SARK devs

  • ****
  • 2,806
  • +1/-0
    • http://sarkpbx.com
Re: security, black listening
« Reply #1 on: March 18, 2008, 01:57:09 PM »
Good question.

You can do encryption over IAX (as of asterisk 1.4) but you would have to check that your IAX carrier supports it/will support it for you.  You can do it now between SAIL siblings if the mood takes you - google for "IAX encryption" if you want to know more.

There is a lot of documentation flying around regarding SIP and RTP encryption but AFAIK there is not yet any standard.  Some phones can support encryption between themselves and other phones of the same type (e.g. SNOM).

In the real world, an eavesdropper would have to be logically very close to you or the person you are talking to in order to guarantee sniffing all of the packets, but I'm sure it could be done by an ISP,... or a Government, without too much trouble.  So what's the difference vetween that and regular phonelines?...  which they've been able to "tap" for forty years or more.

:-)

Best

S

Best

S