Submit Search
Upload
Trapezoidal VoIP is Evil
•
0 likes
•
861 views
Aswath Rao
Follow
Presented to VoIP Users Conference on 9/11/2009
Read less
Read more
Technology
Entertainment & Humor
Report
Share
Report
Share
1 of 30
Download Now
Download to read offline
Recommended
WebRTC meetup barcelona 2017
WebRTC meetup barcelona 2017
Juan De Bravo
Violent python
Violent python
Xatierlike Lee
Ffonio next gen communication tool for care givers
Ffonio next gen communication tool for care givers
Aswath Rao
Sinnreich Henry Johnston Alan Pt 3
Sinnreich Henry Johnston Alan Pt 3
Carl Ford
WebRTC - a quick introduction
WebRTC - a quick introduction
Olle E Johansson
Wifi Security, or Descending into Depression and Drink
Wifi Security, or Descending into Depression and Drink
SecurityTube.Net
Lync 2010 deep dive edge
Lync 2010 deep dive edge
Harold Wong
IPv6 SenD
IPv6 SenD
rabdoul
More Related Content
Similar to Trapezoidal VoIP is Evil
IPv6 enterprise security - The NAT Returns
IPv6 enterprise security - The NAT Returns
Sanjeev Gupta
Rob "Mubix" Fuller: Attacker Ghost Stories
Rob "Mubix" Fuller: Attacker Ghost Stories
Area41
Attacker Ghost Stories (CarolinaCon / Area41 / RVASec)
Attacker Ghost Stories (CarolinaCon / Area41 / RVASec)
Rob Fuller
OAuth and OpenID Connect for Microservices
OAuth and OpenID Connect for Microservices
Twobo Technologies
JmDNS : Service Discovery for the 21st Century
JmDNS : Service Discovery for the 21st Century
Gnu Alsonative
JmDNS : Service Discovery for the 21st Century
JmDNS : Service Discovery for the 21st Century
Gnu Alsonative
WebRTC Integration from Tim Panton
WebRTC Integration from Tim Panton
Alan Quayle
APNIC Hackathon IPv4 & IPv6 security & threat comparisons
APNIC Hackathon IPv4 & IPv6 security & threat comparisons
APNIC
APNIC Hackathon IPv4 & IPv6 security & threat comparisons
APNIC Hackathon IPv4 & IPv6 security & threat comparisons
Siena Perry
Practical webRTC - from API to Solution - webRTC Summit 2014 @ NYC
Practical webRTC - from API to Solution - webRTC Summit 2014 @ NYC
Alexandre Gouaillard
AusNOG 2016 - The Trouble with NAT
AusNOG 2016 - The Trouble with NAT
Mark Smith
CommCon 2023 - WebRTC & Video Delivery application security - what could poss...
CommCon 2023 - WebRTC & Video Delivery application security - what could poss...
Sandro Gauci
V.P.N And Proxy server
V.P.N And Proxy server
Essa Al-Owayyid
Future Internet Week - IPv6 the way forward: IPv6 and security from a user’s ...
Future Internet Week - IPv6 the way forward: IPv6 and security from a user’s ...
ir. Carmelo Zaccone
Westhawk integration
Westhawk integration
Tim Panton
Nat
Nat
Humaira Saleem
Ad-Hoc Networking in Linux with Avahi
Ad-Hoc Networking in Linux with Avahi
sinchume
Jingle: Cutting Edge VoIP
Jingle: Cutting Edge VoIP
mattjive
Os Tucker
Os Tucker
oscon2007
Webrtc overview
Webrtc overview
Olle E Johansson
Similar to Trapezoidal VoIP is Evil
(20)
IPv6 enterprise security - The NAT Returns
IPv6 enterprise security - The NAT Returns
Rob "Mubix" Fuller: Attacker Ghost Stories
Rob "Mubix" Fuller: Attacker Ghost Stories
Attacker Ghost Stories (CarolinaCon / Area41 / RVASec)
Attacker Ghost Stories (CarolinaCon / Area41 / RVASec)
OAuth and OpenID Connect for Microservices
OAuth and OpenID Connect for Microservices
JmDNS : Service Discovery for the 21st Century
JmDNS : Service Discovery for the 21st Century
JmDNS : Service Discovery for the 21st Century
JmDNS : Service Discovery for the 21st Century
WebRTC Integration from Tim Panton
WebRTC Integration from Tim Panton
APNIC Hackathon IPv4 & IPv6 security & threat comparisons
APNIC Hackathon IPv4 & IPv6 security & threat comparisons
APNIC Hackathon IPv4 & IPv6 security & threat comparisons
APNIC Hackathon IPv4 & IPv6 security & threat comparisons
Practical webRTC - from API to Solution - webRTC Summit 2014 @ NYC
Practical webRTC - from API to Solution - webRTC Summit 2014 @ NYC
AusNOG 2016 - The Trouble with NAT
AusNOG 2016 - The Trouble with NAT
CommCon 2023 - WebRTC & Video Delivery application security - what could poss...
CommCon 2023 - WebRTC & Video Delivery application security - what could poss...
V.P.N And Proxy server
V.P.N And Proxy server
Future Internet Week - IPv6 the way forward: IPv6 and security from a user’s ...
Future Internet Week - IPv6 the way forward: IPv6 and security from a user’s ...
Westhawk integration
Westhawk integration
Nat
Nat
Ad-Hoc Networking in Linux with Avahi
Ad-Hoc Networking in Linux with Avahi
Jingle: Cutting Edge VoIP
Jingle: Cutting Edge VoIP
Os Tucker
Os Tucker
Webrtc overview
Webrtc overview
More from Aswath Rao
Enthinnai a social enterprise app
Enthinnai a social enterprise app
Aswath Rao
WebRTC-enabled Twitter
WebRTC-enabled Twitter
Aswath Rao
You can run your own facebook
You can run your own facebook
Aswath Rao
UC in the cloud
UC in the cloud
Aswath Rao
An overview of cloud offering
An overview of cloud offering
Aswath Rao
Carriers own brand_ott_social_sharing_service
Carriers own brand_ott_social_sharing_service
Aswath Rao
Aswath Rao VON.x Spring 2008 Talk
Aswath Rao VON.x Spring 2008 Talk
Aswath Rao
TMC Talk 11092007
TMC Talk 11092007
Aswath Rao
User-centric Social Network
User-centric Social Network
Aswath Rao
More from Aswath Rao
(9)
Enthinnai a social enterprise app
Enthinnai a social enterprise app
WebRTC-enabled Twitter
WebRTC-enabled Twitter
You can run your own facebook
You can run your own facebook
UC in the cloud
UC in the cloud
An overview of cloud offering
An overview of cloud offering
Carriers own brand_ott_social_sharing_service
Carriers own brand_ott_social_sharing_service
Aswath Rao VON.x Spring 2008 Talk
Aswath Rao VON.x Spring 2008 Talk
TMC Talk 11092007
TMC Talk 11092007
User-centric Social Network
User-centric Social Network
Recently uploaded
20230202 - Introduction to tis-py
20230202 - Introduction to tis-py
Jamie (Taka) Wang
UiPath Studio Web workshop series - Day 8
UiPath Studio Web workshop series - Day 8
DianaGray10
UiPath Solutions Management Preview - Northern CA Chapter - March 22.pdf
UiPath Solutions Management Preview - Northern CA Chapter - March 22.pdf
DianaGray10
Computer 10: Lesson 10 - Online Crimes and Hazards
Computer 10: Lesson 10 - Online Crimes and Hazards
Seth Reyes
Cybersecurity Workshop #1.pptx
Cybersecurity Workshop #1.pptx
GDSC PJATK
COMPUTER 10 Lesson 8 - Building a Website
COMPUTER 10 Lesson 8 - Building a Website
dgelyza
UiPath Studio Web workshop series - Day 5
UiPath Studio Web workshop series - Day 5
DianaGray10
Comparing Sidecar-less Service Mesh from Cilium and Istio
Comparing Sidecar-less Service Mesh from Cilium and Istio
Christian Posta
Introduction to Matsuo Laboratory (ENG).pptx
Introduction to Matsuo Laboratory (ENG).pptx
Matsuo Lab
Valere | Digital Solutions & AI Transformation Portfolio | 2024
Valere | Digital Solutions & AI Transformation Portfolio | 2024
Alexander Turgeon
Nanopower In Semiconductor Industry.pdf
Nanopower In Semiconductor Industry.pdf
Pedro Manuel
Bird eye's view on Camunda open source ecosystem
Bird eye's view on Camunda open source ecosystem
Asko Soukka
COMPUTER 10: Lesson 7 - File Storage and Online Collaboration
COMPUTER 10: Lesson 7 - File Storage and Online Collaboration
bruanjhuli
Machine Learning Model Validation (Aijun Zhang 2024).pdf
Machine Learning Model Validation (Aijun Zhang 2024).pdf
Aijun Zhang
UiPath Community: AI for UiPath Automation Developers
UiPath Community: AI for UiPath Automation Developers
UiPathCommunity
IEEE Computer Society’s Strategic Activities and Products including SWEBOK Guide
IEEE Computer Society’s Strategic Activities and Products including SWEBOK Guide
Hironori Washizaki
VoIP Service and Marketing using Odoo and Asterisk PBX
VoIP Service and Marketing using Odoo and Asterisk PBX
Tarek Kalaji
Empowering Africa's Next Generation: The AI Leadership Blueprint
Empowering Africa's Next Generation: The AI Leadership Blueprint
Mahmoud Rabie
Governance in SharePoint Premium:What's in the box?
Governance in SharePoint Premium:What's in the box?
Juan Carlos Gonzalez
Using IESVE for Loads, Sizing and Heat Pump Modeling to Achieve Decarbonization
Using IESVE for Loads, Sizing and Heat Pump Modeling to Achieve Decarbonization
IES VE
Recently uploaded
(20)
20230202 - Introduction to tis-py
20230202 - Introduction to tis-py
UiPath Studio Web workshop series - Day 8
UiPath Studio Web workshop series - Day 8
UiPath Solutions Management Preview - Northern CA Chapter - March 22.pdf
UiPath Solutions Management Preview - Northern CA Chapter - March 22.pdf
Computer 10: Lesson 10 - Online Crimes and Hazards
Computer 10: Lesson 10 - Online Crimes and Hazards
Cybersecurity Workshop #1.pptx
Cybersecurity Workshop #1.pptx
COMPUTER 10 Lesson 8 - Building a Website
COMPUTER 10 Lesson 8 - Building a Website
UiPath Studio Web workshop series - Day 5
UiPath Studio Web workshop series - Day 5
Comparing Sidecar-less Service Mesh from Cilium and Istio
Comparing Sidecar-less Service Mesh from Cilium and Istio
Introduction to Matsuo Laboratory (ENG).pptx
Introduction to Matsuo Laboratory (ENG).pptx
Valere | Digital Solutions & AI Transformation Portfolio | 2024
Valere | Digital Solutions & AI Transformation Portfolio | 2024
Nanopower In Semiconductor Industry.pdf
Nanopower In Semiconductor Industry.pdf
Bird eye's view on Camunda open source ecosystem
Bird eye's view on Camunda open source ecosystem
COMPUTER 10: Lesson 7 - File Storage and Online Collaboration
COMPUTER 10: Lesson 7 - File Storage and Online Collaboration
Machine Learning Model Validation (Aijun Zhang 2024).pdf
Machine Learning Model Validation (Aijun Zhang 2024).pdf
UiPath Community: AI for UiPath Automation Developers
UiPath Community: AI for UiPath Automation Developers
IEEE Computer Society’s Strategic Activities and Products including SWEBOK Guide
IEEE Computer Society’s Strategic Activities and Products including SWEBOK Guide
VoIP Service and Marketing using Odoo and Asterisk PBX
VoIP Service and Marketing using Odoo and Asterisk PBX
Empowering Africa's Next Generation: The AI Leadership Blueprint
Empowering Africa's Next Generation: The AI Leadership Blueprint
Governance in SharePoint Premium:What's in the box?
Governance in SharePoint Premium:What's in the box?
Using IESVE for Loads, Sizing and Heat Pump Modeling to Achieve Decarbonization
Using IESVE for Loads, Sizing and Heat Pump Modeling to Achieve Decarbonization
Trapezoidal VoIP is Evil
1.
Trapezoidal VoIP is
Evil Aswath Rao www.enthinnai.com VoIP Users Conference 9/11/2009
2.
Trapezoid SIP? A’s
UA B’s Proxy A’s Proxy B’s UA STP message flow RTP flow
3.
Originator’s Proxy is
called Outbound Proxy (evil!)
4.
Yes, it provides
authentication (though unreliable)
5.
A needs
to have a service provider
6.
The two providers
must agree to federate
7.
Akin to ISPs
requiring HTTP Proxy
8.
Security needs may
require it
9.
Otherwise undesirable
10.
Authentication?
11.
OpenID is an
answer Everybody (almost) has it
12.
Let us turn
to B’s Proxy
13.
B’s Proxy is
required
14.
Discovery Dynamic DNS
is a possibility. But how to handle white/black lists?
15.
NAT/FW Traversal
16.
Triangle is a
fact of life
17.
But B’s Proxy
could be a self-hosted server
18.
Putting it all
together …
19.
A uses OpenID
to autheticate herself
20.
B’s Proxy uses
white/black list
21.
Use of ICE
for NAT/FW traversal
22.
But common servers
must be able to run Proxy/ICE SW
23.
EnThinnai is a
realization of these objectives
24.
EnThinnai is an
UC platform
25.
Presence
26.
Text/voice chat Exclusive
use of Speex
27.
Sharing of Digital
information
28.
Permissions based
29.
Minimal client requirement
– Java enabled browser
30.
Minimal server requirement
Download Now