The only differense is that GSM has encryption, isn't that it?
Besides, GSM is older then 723.1, as I recall.
Hopefully, the next version of NM will have a/v encryption.
Danny

On Fri, 20 Aug 1999, Pasi Kovanen wrote:

> 
> What's the problem? It's obvious that the voice decoder has to be used.
> How do you think Netmeeting plays the sound?
> 
> In a shared LAN anyone can capture all UDP traffic from any endpoint,
> save it to disk (G.723.1 takes 6.3 or 5.3 kbits per second so it would take
> ages to fill a hard drive) and listen to it later. Or even listen in
> real-time.
> 
> Netmeeting calls are *VERY* vulnerable compared to GSM or other
> modern communication means.
> 
> Greetings,
>     Pasi
> 
> ----- Original Message -----
> From: <[EMAIL PROTECTED]>
> To: <[EMAIL PROTECTED]>
> Sent: Thursday, August 19, 1999 5:52 PM
> Subject: Re: [NetMeeting] Security
> 
> 
> 
> Although this is true, you would also need to then feed the sniffed packets
> through the appropriate vocoder to decode the digital audio, which although
> can be done in principal, is not trivial.  I guess the bottom line is that
> yes you can be "digital wire tapped" in principal, but it would take a
> considerable effort.  Aything one does on the LAN and Internet is subject to
> this vulnerability however  :)
> 
> Paul Eftis
> 
> -----Original Message-----
> From: Pasi Kovanen <[EMAIL PROTECTED]>
> To: [EMAIL PROTECTED]
> <[EMAIL PROTECTED]>
> Date: Thursday, August 19, 1999 3:30 AM
> Subject: Re: [NetMeeting] Security
> 
> 
> >
> >Just run an H323 analyzer (software-based will do fine) on the LAN in
> >which the call is done. It will grab all RTP-packetized UDP/IP-packets
> >(in which format audio and video is sent in H.323). With the RTP headers
> >the analyzer can reconstruate every call made in the LAN.
> >
> >If you are using switching hubs the things get much harder, but in the
> >most common case, shared LAN with simple hubs, wiretapping is very easy.
> >
> >--
> >Pasi Kovanen (E-mail: [EMAIL PROTECTED], Tel: +358-40-518 3460)
> >Sonera Solutions Ltd., Laserkatu 6, 53850 LAPPEENRANTA, FINLAND
> >
> >----- Original Message -----
> >From: <[EMAIL PROTECTED]>
> >To: <[EMAIL PROTECTED]>
> >Sent: Thursday, August 19, 1999 9:26 AM
> >Subject: Re: [NetMeeting] Security
> >
> >
> >>
> >> May I ask how you would "listen in"
> >> on the calls then? By rerouting the packets and spoofing an IP?
> >> That's the only way I can think of.
> >> That and an H323 analyzer.
> >> Danny
> >>
> >> On Thu, 19 Aug 1999, Pasi Kovanen wrote:
> >>
> >> >
> >> > Hi Paul,
> >> >
> >> > Wiretapping the calls in your LAN is a trivial task.
> >> > Security can be obtained by using IPSec or similar
> >> > technology for both / all endpoints.
> >> >
> >> > Regards,
> >> >     Pasi
> >> >
> >> > --
> >> > Pasi Kovanen (E-mail: [EMAIL PROTECTED], Tel: +358-40-518 3460)
> >> > Sonera Solutions Ltd., Laserkatu 6, 53850 LAPPEENRANTA, FINLAND
> >> >
> >> > ----- Original Message -----
> >> > From: <[EMAIL PROTECTED]>
> >> > To: <[EMAIL PROTECTED]>
> >> > Sent: Wednesday, August 18, 1999 9:21 AM
> >> > Subject: [NetMeeting] Security
> >> >
> >> >
> >> >
> >> > I have been asked more than once "How secure are NetMeeting audio/video
> >> > calls?"
> >> >
> >> > We have our own ILS server, which is not on the Internet - users dial
> in
> >via
> >> > Windows NT RAS. We do not use the 'security' options in NM3 as we need
> >to
> >> > use the audio/video features, not just data. What are the chances of
> >'wire
> >> > tapping' these calls?
> >> >
> >> > Paul Mallett, MCP
> >> >
> >> >
> >> > -----------------------------------------------------------------------
> >> > http://www.meetingbywire.com/Mailinglist.htm for unsubscribe
> information
> >> > -----------------------------------------------------------------------
> >> >
> >> > -----------------------------------------------------------------------
> >> > http://www.meetingbywire.com/Mailinglist.htm for unsubscribe
> information
> >> > -----------------------------------------------------------------------
> >> >
> >> >
> >> -----------------------------------------------------------------------
> >> http://www.meetingbywire.com/Mailinglist.htm for unsubscribe information
> >> -----------------------------------------------------------------------
> >>
> >>
> >
> >-----------------------------------------------------------------------
> >http://www.meetingbywire.com/Mailinglist.htm for unsubscribe information
> >-----------------------------------------------------------------------
> 
> -----------------------------------------------------------------------
> http://www.meetingbywire.com/Mailinglist.htm for unsubscribe information
> -----------------------------------------------------------------------
> 
> 
> 
> -----------------------------------------------------------------------
> http://www.meetingbywire.com/Mailinglist.htm for unsubscribe information
> -----------------------------------------------------------------------
> 
> 
-----------------------------------------------------------------------
http://www.meetingbywire.com/Mailinglist.htm for unsubscribe information
-----------------------------------------------------------------------

Reply via email to