Nice, I would like to try this solution, deep packet inspection on RTP streams coming in (and out) of your enterprise network without degrading the quality of the voice:
Attackers can spoof the firewall and SBC into determining that the RTP stream is safe to relay. Passing the attacks through the RTP stream is called Vunneling. The alternative is to inspect the RTP packets which can slow down the transmission and distorts the voice.
The Salare solution , vPurity software, relies on a number of techniques to solve the Vunneling problem. Network Behavior Analysis (NBA) is employed by Salare. The passive NBA technique is well known for producing many false positive and false negative alerts. Salare's Active NBA virtually eliminates false positives. This is accomplished by introducing stimulus events and observing the reaction or non-reaction This provides accurate and precise recognition of the traffic types passing through the network.
The Salare technique inserts distortion in the packet that destroys embedded data and executable transmissions; this distortion is not perceptible by the listener. The insertion does not impact the quality of the voice conversation.
Complete article and links here:
A playground for network security enthusiasts, innovators and early adoptors
Welcome to my blog, this is me thinking out loud about Voice over IP security (VoIP), managing and optimizing converged networks, Metasploit Framework, Cloud Computing, general security and privacy concerns, grappling adventures, and tuning my MKIV VW Jetta.
All inputs, feedbacks and violent reactions are welcome.
Packet Boy Perseus
Helping spread a positive image why we hack things.