[Serusers] RTP Wiretapping

Terry Mac Millan serweb at finian.net
Thu Mar 3 23:18:32 CET 2005


If the modified RTP and non-modified RTP modules are on the same machine and
most regular calls are already making use of the RTP, then the IP's
shouldn't change at all. So the parties involved in the tapping will still
see the same IP address at the providers end, which shouldn't give it away
if they are being tapped.

It would be nice to ignore, but when the authorities come to the front desk
with orders to tap and collect, there needs to be a means to do that so that
you don't end up getting slapped with an Obstruct justice charge. So there
does need to be a method available, or work around, to impliment to comply
with the orders.

Terry
----- Original Message ----- 
From: "Jiri Kuthan" <jiri at iptel.org>
To: "Java Rockx" <javarockx at gmail.com>; <ser at cannes.f9.co.uk>
Cc: <serusers at lists.iptel.org>
Sent: Thursday, March 03, 2005 4:01 PM
Subject: Re: [Serusers] RTP Wiretapping


> The challenge with this approach is how you make intercepted calls
> non-distinguishable from regular calls. The intercepted party may
> watch signaling and notice service provider's IP addresses. Also,
> the quality may degrade through use of RTP relay.
>
> A possible option is to ingore this problem.
>
> Other option would be to implement interception in edge routers.
> Obviously, it is not an easy one.
>
> -jiri
>
> At 01:16 PM 3/2/2005, Java Rockx wrote:
> >I was thinking about having a group called "spy" in the grp table and
> >anyone with this ACL would be sent to a modified mediaproxy that would
> >capture the RTP.
> >
> >User that don't have the "spy" ACL would be handled normally and if
> >NAT traversal is needed then use an unmodified media proxy.
> >
> >Regards,
> >Paul
> >
> >
> >On Wed, 2 Mar 2005 08:00:24 -0000, Chris <ser at cannes.f9.co.uk> wrote:
> >> Why not use a from/to etc detection in .cfg (using database...)
> >> to trigger a remote proxy through the requesting agency
> >> They then have the capture issue
> >> and you have no monitor or delivery issues?
> >> Might require conditions of their placement of a proxy?
> >> (but is their problem)
> >> Regards
> >> Chris
> >>
> >> -----Original Message-----
> >> From: serusers-bounces at iptel.org [mailto:serusers-bounces at lists.iptel.org] On
> >> Behalf Of Java Rockx
> >> Sent: 26 February 2005 14:29
> >> To: serusers at lists.iptel.org
> >> Subject: [Serusers] RTP Wiretapping
> >>
> >> Hi All.
> >>
> >> I'm located in the US and would like to comply with the Communications
> >> Assistance for Law Enforcement Act (CALEA) that Congress passed which
> >> basically says that VoIP providers should have the ability to wiretap
> >> conversations for the FBI upon request.
> >>
> >> I use mediaproxy for NAT traversal. So my question is how can I be
> >> CALEA compliant? I assume I should be able to modify mediaproxy to
> >> write RTP streams to disk, but I'm unclear on how to "mix" both sides
> >> of the conversation.
> >>
> >> Can anyone help with a suggestion?
> >>
> >> Regards,
> >> Paul
> >>
> >> _______________________________________________
> >> Serusers mailing list
> >> serusers at lists.iptel.org
> >> http://lists.iptel.org/mailman/listinfo/serusers
> >>
> >> --
> >> No virus found in this incoming message.
> >> Checked by AVG Anti-Virus.
> >> Version: 7.0.300 / Virus Database: 266.5.0 - Release Date: 25/02/2005
> >>
> >> --
> >> No virus found in this outgoing message.
> >> Checked by AVG Anti-Virus.
> >> Version: 7.0.300 / Virus Database: 266.5.2 - Release Date: 28/02/2005
> >>
> >>
> >
> >_______________________________________________
> >Serusers mailing list
> >serusers at lists.iptel.org
> >http://lists.iptel.org/mailman/listinfo/serusers
>
> --
> Jiri Kuthan            http://iptel.org/~jiri/
>
> _______________________________________________
> Serusers mailing list
> serusers at lists.iptel.org
> http://lists.iptel.org/mailman/listinfo/serusers
>
>




More information about the sr-users mailing list