Just run an H323 analyzer (software-based will do fine) on the LAN in
which the call is done. It will grab all RTP-packetized UDP/IP-packets
(in which format audio and video is sent in H.323). With the RTP headers
the analyzer can reconstruate every call made in the LAN.

If you are using switching hubs the things get much harder, but in the
most common case, shared LAN with simple hubs, wiretapping is very easy.

--
Pasi Kovanen (E-mail: [EMAIL PROTECTED], Tel: +358-40-518 3460)
Sonera Solutions Ltd., Laserkatu 6, 53850 LAPPEENRANTA, FINLAND

----- Original Message -----
From: <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Thursday, August 19, 1999 9:26 AM
Subject: Re: [NetMeeting] Security


>
> May I ask how you would "listen in"
> on the calls then? By rerouting the packets and spoofing an IP?
> That's the only way I can think of.
> That and an H323 analyzer.
> Danny
>
> On Thu, 19 Aug 1999, Pasi Kovanen wrote:
>
> >
> > Hi Paul,
> >
> > Wiretapping the calls in your LAN is a trivial task.
> > Security can be obtained by using IPSec or similar
> > technology for both / all endpoints.
> >
> > Regards,
> >     Pasi
> >
> > --
> > Pasi Kovanen (E-mail: [EMAIL PROTECTED], Tel: +358-40-518 3460)
> > Sonera Solutions Ltd., Laserkatu 6, 53850 LAPPEENRANTA, FINLAND
> >
> > ----- Original Message -----
> > From: <[EMAIL PROTECTED]>
> > To: <[EMAIL PROTECTED]>
> > Sent: Wednesday, August 18, 1999 9:21 AM
> > Subject: [NetMeeting] Security
> >
> >
> >
> > I have been asked more than once "How secure are NetMeeting audio/video
> > calls?"
> >
> > We have our own ILS server, which is not on the Internet - users dial in
via
> > Windows NT RAS. We do not use the 'security' options in NM3 as we need
to
> > use the audio/video features, not just data. What are the chances of
'wire
> > tapping' these calls?
> >
> > Paul Mallett, MCP
> >
> >
> > -----------------------------------------------------------------------
> > http://www.meetingbywire.com/Mailinglist.htm for unsubscribe information
> > -----------------------------------------------------------------------
> >
> > -----------------------------------------------------------------------
> > http://www.meetingbywire.com/Mailinglist.htm for unsubscribe information
> > -----------------------------------------------------------------------
> >
> >
> -----------------------------------------------------------------------
> http://www.meetingbywire.com/Mailinglist.htm for unsubscribe information
> -----------------------------------------------------------------------
>
>

-----------------------------------------------------------------------
http://www.meetingbywire.com/Mailinglist.htm for unsubscribe information
-----------------------------------------------------------------------

Reply via email to