Summary

RTP is the most popular communication protocol for VoIP networks. Whether it is used with SIP or H.323, it is responsible for the audio communication once a call has been set up.

While SIP and H.323 have their own security issues, the use of RTP introduces many more. RTP assumes that a significant amount of security is coming from elsewhere during a VoIP call, allowing it to be absent of many basic security protections with authentication, authorization, and encryption.

The primary items used to control RTP packets between any two entities are the session information, timestamp, and SSRC information. All of these items are easily spoofable by attackers or unauthorized internal users, allowing malicious personnel to perform several types ...

Get Hacking VoIP now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.