?> Comments on: VoIP’s Dirty Laundry, and How to Keep it Clean http://www.os-voip.com/2009/01/voips-dirty-laundry-and-how-to-keep-it-clean/ Open Source VoIP by Aaron Rosenthal Fri, 03 Feb 2012 12:54:19 +0000 http://wordpress.org/?v=2.9 hourly 1 By: Are your provider ready for VoIP? | usken.no - VoIP news! http://www.os-voip.com/2009/01/voips-dirty-laundry-and-how-to-keep-it-clean/comment-page-1/#comment-591 Are your provider ready for VoIP? | usken.no - VoIP news! Tue, 17 Mar 2009 12:09:00 +0000 http://www.os-voip.com/?p=145#comment-591 [...] Merritt has written a nice article about it, I borrowed the bullet [...] [...] Merritt has written a nice article about it, I borrowed the bullet [...]

]]> By: How to Kill a Dinosaur with an Engineered Steak Knife | Hive Blog http://www.os-voip.com/2009/01/voips-dirty-laundry-and-how-to-keep-it-clean/comment-page-1/#comment-532 How to Kill a Dinosaur with an Engineered Steak Knife | Hive Blog Wed, 04 Feb 2009 21:49:35 +0000 http://www.os-voip.com/?p=145#comment-532 [...] clean compared to other technologies, *cough* H.323 *cough*. Except, without taking into account firewalls, you have to add extensions and other protocols to make the entire thing work in real world [...] [...] clean compared to other technologies, *cough* H.323 *cough*. Except, without taking into account firewalls, you have to add extensions and other protocols to make the entire thing work in real world [...]

]]> By: T.R. Missner http://www.os-voip.com/2009/01/voips-dirty-laundry-and-how-to-keep-it-clean/comment-page-1/#comment-527 T.R. Missner Wed, 21 Jan 2009 03:53:31 +0000 http://www.os-voip.com/?p=145#comment-527 Tyler - great piece - thanks for writing. I would like to understand why you think registration is a security device. In my way of thinking using registration credentials instead of white listing of source IPs ( ACLs ) actually makes you much more vulnerable to service theft. If all you need is a username / password to authenticate a SIP trunk anyone who knows your creds can make calls which will ultimately be billed back to you. This situation would be analogous to someone obtaining your itunes username/pw without your knowledge. On the other hand if source ip white listing were used instead of or in addition too registration a thief would have to hijack a live IP address. True it is easy to spoof a *source* ip using UDP but since SIP is a transactional protocol the best the thief could hope for is gaining the ability to ring some phones. Responses would not be received by the spoofer so calls would never fully set up. SIP registration was created as a mechanism to solve the problem caused by the nomadic nature of IP, it was not created as a security device. -tr Tyler – great piece – thanks for writing.
I would like to understand why you think registration is a security device. In my way of thinking using registration credentials instead of white listing of source IPs ( ACLs ) actually makes you much more vulnerable to service theft. If all you need is a username / password to authenticate a SIP trunk anyone who knows your creds can make calls which will ultimately be billed back to you. This situation would be analogous to someone obtaining your itunes username/pw without your knowledge. On the other hand if source ip white listing were used instead of or in addition too registration a thief would have to hijack a live IP address. True it is easy to spoof a *source* ip using UDP but since SIP is a transactional protocol the best the thief could hope for is gaining the ability to ring some phones. Responses would not be received by the spoofer so calls would never fully set up.

SIP registration was created as a mechanism to solve the problem caused by the nomadic nature of IP, it was not created as a security device.

-tr

]]> By: Peter Parkes (Skype Blogger) http://www.os-voip.com/2009/01/voips-dirty-laundry-and-how-to-keep-it-clean/comment-page-1/#comment-525 Peter Parkes (Skype Blogger) Tue, 20 Jan 2009 15:36:16 +0000 http://www.os-voip.com/?p=145#comment-525 A quick note to clarify – Skype is not a hosted VoIP solution. Skype software works on a peer-to-peer basis. Calls aren't routed through a central server, so there's no 'hosting' per se. There's more about <a href="http://www.skype.com/help/guides/p2pexplained/" rel="nofollow">how Skype works</a> on our website - definitely worth a read :) A quick note to clarify – Skype is not a hosted VoIP solution. Skype software works on a peer-to-peer basis. Calls aren’t routed through a central server, so there’s no ‘hosting’ per se.

There’s more about how Skype works on our website – definitely worth a read :)

]]>