Submit Search
Upload
Trapezoidal VoIP is Evil
•
Download as PPT, PDF
•
0 likes
•
861 views
Aswath Rao
Follow
Presented to VoIP Users Conference on 9/11/2009
Read less
Read more
Technology
Entertainment & Humor
Report
Share
Report
Share
1 of 30
Download now
Recommended
WebRTC meetup barcelona 2017
WebRTC meetup barcelona 2017
Juan De Bravo
Violent python
Violent python
Xatierlike Lee
Ffonio next gen communication tool for care givers
Ffonio next gen communication tool for care givers
Aswath Rao
Sinnreich Henry Johnston Alan Pt 3
Sinnreich Henry Johnston Alan Pt 3
Carl Ford
WebRTC - a quick introduction
WebRTC - a quick introduction
Olle E Johansson
Wifi Security, or Descending into Depression and Drink
Wifi Security, or Descending into Depression and Drink
SecurityTube.Net
Lync 2010 deep dive edge
Lync 2010 deep dive edge
Harold Wong
IPv6 SenD
IPv6 SenD
rabdoul
Recommended
WebRTC meetup barcelona 2017
WebRTC meetup barcelona 2017
Juan De Bravo
Violent python
Violent python
Xatierlike Lee
Ffonio next gen communication tool for care givers
Ffonio next gen communication tool for care givers
Aswath Rao
Sinnreich Henry Johnston Alan Pt 3
Sinnreich Henry Johnston Alan Pt 3
Carl Ford
WebRTC - a quick introduction
WebRTC - a quick introduction
Olle E Johansson
Wifi Security, or Descending into Depression and Drink
Wifi Security, or Descending into Depression and Drink
SecurityTube.Net
Lync 2010 deep dive edge
Lync 2010 deep dive edge
Harold Wong
IPv6 SenD
IPv6 SenD
rabdoul
IPv6 enterprise security - The NAT Returns
IPv6 enterprise security - The NAT Returns
Sanjeev Gupta
Rob "Mubix" Fuller: Attacker Ghost Stories
Rob "Mubix" Fuller: Attacker Ghost Stories
Area41
Attacker Ghost Stories (CarolinaCon / Area41 / RVASec)
Attacker Ghost Stories (CarolinaCon / Area41 / RVASec)
Rob Fuller
OAuth and OpenID Connect for Microservices
OAuth and OpenID Connect for Microservices
Twobo Technologies
JmDNS : Service Discovery for the 21st Century
JmDNS : Service Discovery for the 21st Century
Gnu Alsonative
JmDNS : Service Discovery for the 21st Century
JmDNS : Service Discovery for the 21st Century
Gnu Alsonative
WebRTC Integration from Tim Panton
WebRTC Integration from Tim Panton
Alan Quayle
APNIC Hackathon IPv4 & IPv6 security & threat comparisons
APNIC Hackathon IPv4 & IPv6 security & threat comparisons
APNIC
APNIC Hackathon IPv4 & IPv6 security & threat comparisons
APNIC Hackathon IPv4 & IPv6 security & threat comparisons
Siena Perry
Practical webRTC - from API to Solution - webRTC Summit 2014 @ NYC
Practical webRTC - from API to Solution - webRTC Summit 2014 @ NYC
Alexandre Gouaillard
AusNOG 2016 - The Trouble with NAT
AusNOG 2016 - The Trouble with NAT
Mark Smith
CommCon 2023 - WebRTC & Video Delivery application security - what could poss...
CommCon 2023 - WebRTC & Video Delivery application security - what could poss...
Sandro Gauci
V.P.N And Proxy server
V.P.N And Proxy server
Essa Al-Owayyid
Future Internet Week - IPv6 the way forward: IPv6 and security from a user’s ...
Future Internet Week - IPv6 the way forward: IPv6 and security from a user’s ...
ir. Carmelo Zaccone
Westhawk integration
Westhawk integration
Tim Panton
Nat
Nat
Humaira Saleem
Ad-Hoc Networking in Linux with Avahi
Ad-Hoc Networking in Linux with Avahi
sinchume
Jingle: Cutting Edge VoIP
Jingle: Cutting Edge VoIP
mattjive
Os Tucker
Os Tucker
oscon2007
Webrtc overview
Webrtc overview
Olle E Johansson
Enthinnai a social enterprise app
Enthinnai a social enterprise app
Aswath Rao
WebRTC-enabled Twitter
WebRTC-enabled Twitter
Aswath Rao
More Related Content
Similar to Trapezoidal VoIP is Evil
IPv6 enterprise security - The NAT Returns
IPv6 enterprise security - The NAT Returns
Sanjeev Gupta
Rob "Mubix" Fuller: Attacker Ghost Stories
Rob "Mubix" Fuller: Attacker Ghost Stories
Area41
Attacker Ghost Stories (CarolinaCon / Area41 / RVASec)
Attacker Ghost Stories (CarolinaCon / Area41 / RVASec)
Rob Fuller
OAuth and OpenID Connect for Microservices
OAuth and OpenID Connect for Microservices
Twobo Technologies
JmDNS : Service Discovery for the 21st Century
JmDNS : Service Discovery for the 21st Century
Gnu Alsonative
JmDNS : Service Discovery for the 21st Century
JmDNS : Service Discovery for the 21st Century
Gnu Alsonative
WebRTC Integration from Tim Panton
WebRTC Integration from Tim Panton
Alan Quayle
APNIC Hackathon IPv4 & IPv6 security & threat comparisons
APNIC Hackathon IPv4 & IPv6 security & threat comparisons
APNIC
APNIC Hackathon IPv4 & IPv6 security & threat comparisons
APNIC Hackathon IPv4 & IPv6 security & threat comparisons
Siena Perry
Practical webRTC - from API to Solution - webRTC Summit 2014 @ NYC
Practical webRTC - from API to Solution - webRTC Summit 2014 @ NYC
Alexandre Gouaillard
AusNOG 2016 - The Trouble with NAT
AusNOG 2016 - The Trouble with NAT
Mark Smith
CommCon 2023 - WebRTC & Video Delivery application security - what could poss...
CommCon 2023 - WebRTC & Video Delivery application security - what could poss...
Sandro Gauci
V.P.N And Proxy server
V.P.N And Proxy server
Essa Al-Owayyid
Future Internet Week - IPv6 the way forward: IPv6 and security from a user’s ...
Future Internet Week - IPv6 the way forward: IPv6 and security from a user’s ...
ir. Carmelo Zaccone
Westhawk integration
Westhawk integration
Tim Panton
Nat
Nat
Humaira Saleem
Ad-Hoc Networking in Linux with Avahi
Ad-Hoc Networking in Linux with Avahi
sinchume
Jingle: Cutting Edge VoIP
Jingle: Cutting Edge VoIP
mattjive
Os Tucker
Os Tucker
oscon2007
Webrtc overview
Webrtc overview
Olle E Johansson
Similar to Trapezoidal VoIP is Evil
(20)
IPv6 enterprise security - The NAT Returns
IPv6 enterprise security - The NAT Returns
Rob "Mubix" Fuller: Attacker Ghost Stories
Rob "Mubix" Fuller: Attacker Ghost Stories
Attacker Ghost Stories (CarolinaCon / Area41 / RVASec)
Attacker Ghost Stories (CarolinaCon / Area41 / RVASec)
OAuth and OpenID Connect for Microservices
OAuth and OpenID Connect for Microservices
JmDNS : Service Discovery for the 21st Century
JmDNS : Service Discovery for the 21st Century
JmDNS : Service Discovery for the 21st Century
JmDNS : Service Discovery for the 21st Century
WebRTC Integration from Tim Panton
WebRTC Integration from Tim Panton
APNIC Hackathon IPv4 & IPv6 security & threat comparisons
APNIC Hackathon IPv4 & IPv6 security & threat comparisons
APNIC Hackathon IPv4 & IPv6 security & threat comparisons
APNIC Hackathon IPv4 & IPv6 security & threat comparisons
Practical webRTC - from API to Solution - webRTC Summit 2014 @ NYC
Practical webRTC - from API to Solution - webRTC Summit 2014 @ NYC
AusNOG 2016 - The Trouble with NAT
AusNOG 2016 - The Trouble with NAT
CommCon 2023 - WebRTC & Video Delivery application security - what could poss...
CommCon 2023 - WebRTC & Video Delivery application security - what could poss...
V.P.N And Proxy server
V.P.N And Proxy server
Future Internet Week - IPv6 the way forward: IPv6 and security from a user’s ...
Future Internet Week - IPv6 the way forward: IPv6 and security from a user’s ...
Westhawk integration
Westhawk integration
Nat
Nat
Ad-Hoc Networking in Linux with Avahi
Ad-Hoc Networking in Linux with Avahi
Jingle: Cutting Edge VoIP
Jingle: Cutting Edge VoIP
Os Tucker
Os Tucker
Webrtc overview
Webrtc overview
More from Aswath Rao
Enthinnai a social enterprise app
Enthinnai a social enterprise app
Aswath Rao
WebRTC-enabled Twitter
WebRTC-enabled Twitter
Aswath Rao
You can run your own facebook
You can run your own facebook
Aswath Rao
UC in the cloud
UC in the cloud
Aswath Rao
An overview of cloud offering
An overview of cloud offering
Aswath Rao
Carriers own brand_ott_social_sharing_service
Carriers own brand_ott_social_sharing_service
Aswath Rao
Aswath Rao VON.x Spring 2008 Talk
Aswath Rao VON.x Spring 2008 Talk
Aswath Rao
TMC Talk 11092007
TMC Talk 11092007
Aswath Rao
User-centric Social Network
User-centric Social Network
Aswath Rao
More from Aswath Rao
(9)
Enthinnai a social enterprise app
Enthinnai a social enterprise app
WebRTC-enabled Twitter
WebRTC-enabled Twitter
You can run your own facebook
You can run your own facebook
UC in the cloud
UC in the cloud
An overview of cloud offering
An overview of cloud offering
Carriers own brand_ott_social_sharing_service
Carriers own brand_ott_social_sharing_service
Aswath Rao VON.x Spring 2008 Talk
Aswath Rao VON.x Spring 2008 Talk
TMC Talk 11092007
TMC Talk 11092007
User-centric Social Network
User-centric Social Network
Recently uploaded
Leverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage Cost
Leverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage Cost
Zilliz
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
carlostorres15106
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Mark Simos
The Future of Software Development - Devin AI Innovative Approach.pdf
The Future of Software Development - Devin AI Innovative Approach.pdf
SeasiaInfotech2
Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!
Commit University
Scanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL Certs
Rizwan Syed
Connect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck Presentation
Slibray Presentation
My INSURER PTE LTD - Insurtech Innovation Award 2024
My INSURER PTE LTD - Insurtech Innovation Award 2024
The Digital Insurer
Artificial intelligence in cctv survelliance.pptx
Artificial intelligence in cctv survelliance.pptx
hariprasad279825
DevoxxFR 2024 Reproducible Builds with Apache Maven
DevoxxFR 2024 Reproducible Builds with Apache Maven
Hervé Boutemy
Install Stable Diffusion in windows machine
Install Stable Diffusion in windows machine
Padma Pradeep
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
BookNet Canada
"Federated learning: out of reach no matter how close",Oleksandr Lapshyn
"Federated learning: out of reach no matter how close",Oleksandr Lapshyn
Fwdays
Vertex AI Gemini Prompt Engineering Tips
Vertex AI Gemini Prompt Engineering Tips
Miki Katsuragi
Beyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Beyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Safe Software
Search Engine Optimization SEO PDF for 2024.pdf
Search Engine Optimization SEO PDF for 2024.pdf
RankYa
SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024
Lorenzo Miniero
"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii Soldatenko
Fwdays
WordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your Brand
gvaughan
Human Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR Systems
Mark Billinghurst
Recently uploaded
(20)
Leverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage Cost
Leverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage Cost
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
The Future of Software Development - Devin AI Innovative Approach.pdf
The Future of Software Development - Devin AI Innovative Approach.pdf
Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!
Scanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL Certs
Connect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck Presentation
My INSURER PTE LTD - Insurtech Innovation Award 2024
My INSURER PTE LTD - Insurtech Innovation Award 2024
Artificial intelligence in cctv survelliance.pptx
Artificial intelligence in cctv survelliance.pptx
DevoxxFR 2024 Reproducible Builds with Apache Maven
DevoxxFR 2024 Reproducible Builds with Apache Maven
Install Stable Diffusion in windows machine
Install Stable Diffusion in windows machine
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
"Federated learning: out of reach no matter how close",Oleksandr Lapshyn
"Federated learning: out of reach no matter how close",Oleksandr Lapshyn
Vertex AI Gemini Prompt Engineering Tips
Vertex AI Gemini Prompt Engineering Tips
Beyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Beyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Search Engine Optimization SEO PDF for 2024.pdf
Search Engine Optimization SEO PDF for 2024.pdf
SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024
"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii Soldatenko
WordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your Brand
Human Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR Systems
Trapezoidal VoIP is Evil
1.
Trapezoidal VoIP is
Evil Aswath Rao www.enthinnai.com VoIP Users Conference 9/11/2009
2.
Trapezoid SIP? A’s
UA B’s Proxy A’s Proxy B’s UA STP message flow RTP flow
3.
Originator’s Proxy is
called Outbound Proxy (evil!)
4.
Yes, it provides
authentication (though unreliable)
5.
A needs
to have a service provider
6.
The two providers
must agree to federate
7.
Akin to ISPs
requiring HTTP Proxy
8.
Security needs may
require it
9.
Otherwise undesirable
10.
Authentication?
11.
OpenID is an
answer Everybody (almost) has it
12.
Let us turn
to B’s Proxy
13.
B’s Proxy is
required
14.
Discovery Dynamic DNS
is a possibility. But how to handle white/black lists?
15.
NAT/FW Traversal
16.
Triangle is a
fact of life
17.
But B’s Proxy
could be a self-hosted server
18.
Putting it all
together …
19.
A uses OpenID
to autheticate herself
20.
B’s Proxy uses
white/black list
21.
Use of ICE
for NAT/FW traversal
22.
But common servers
must be able to run Proxy/ICE SW
23.
EnThinnai is a
realization of these objectives
24.
EnThinnai is an
UC platform
25.
Presence
26.
Text/voice chat Exclusive
use of Speex
27.
Sharing of Digital
information
28.
Permissions based
29.
Minimal client requirement
– Java enabled browser
30.
Minimal server requirement
Download now