Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
474
Views
0
Helpful
1
Replies

RTP permission and related attacks/threats

yhameed81
Level 1
Level 1

‎10-10-2013 04:22 AM - edited ‎03-11-2019 07:50 PM

HI Guys,

I have to permit RTP traffic from internal network to other organizations (under different management) on gateway devices (routers, switches). I am curious to know if there are known attacks/threats when upd range 16384-32767 is permited. RTP source/destination can be desk phone or PC with softphone. If yes then can we configure gateway routers/switches to protect from these attacks.

We have cisco 7200, 6500, 3550, 3560, 3750 switches as gateway devices.

One more quick question are there only two ways (NBAR and ACL with udp range) on routers/switches to identify/match RTP traffic? I know Firewalls provide feature like inspect, AGL etc to dynamically identify RTP ports by inspecting control traffic.

Your input will be highly appreciated

Regards

Labels:
0 Helpful
1 Reply 1

Julio Carvajal
VIP Alumni
VIP Alumni

‎10-10-2013 02:20 PM

Hello,

On a router you do it with NBAR or ACL's (Of course the more scalable is the Protocol matching).

Now, regarding security there are a lot of information available on the internated related to hacking an RTP session.

You have some homework to do

My recommendation:

Read chapter 4 I think of the Hacking VoIP book

For more information about Core and Security Networking follow my website at http://laguiadelnetworking.com

Any question contact me at jcarvaja@laguiadelnetworking.com

Cheers,

Julio Carvajal Segura

Julio Carvajal
Senior Network Security and Core Specialist
CCIE #42930, 2xCCNP, JNCIP-SEC
0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card