RTP Security Attacks

Security attacks on VoIP are usually focused on capturing media (audio), which involves RTP. The lack of encryption and/or privacy allows several types of attacks from unauthorized users, including anonymous, unauthenticated users.

Note

While Secure RTP (SRTP), described in Chapter 9, does provide security for media communication, most enterprise organizations have not implemented SRTP because of performance and/or operational issues.

RTP is vulnerable to many types of attacks, including traditional ones, such as spoofing, hijacking, Denial of Service, and traffic manipulation, as well as newer ones, such as eavesdropping and voice injection. In the following sections, we'll focus on the most dangerous and severe attacks on RTP, ...

Get Hacking VoIP now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.