ANALYSIS OF VOIPUSING SIP AND RTPFeng Maiz3183940
Overview
Introduction to VoIP RTP SIP
Analysis Methodology Analysis' Results
Outgoing call attempt is cancelled Outgoing call is established RTP Analysis
Introduction to VoIP
Definition Voice over Internet Protocol (VoIP) is a general term for
a family of transmission technologies for delivery of voice communications over IP networks such as the Internet or other packet-switched networks.
Benefits Reducing communication and infrastructure costs Provide services that may be more difficult to
implement using the PSTN
Protocols for IP telephony
Signaling protocol to establish presence, locate users, set up, modify and tear down sessions (SIP)
Media Transport Protocols for transmission of packetized audio/video (RTP)
Supporting Protocols for Gateway Location, QoS, address translation, IP, etc. ( MGCP)
SIP (Session Initiation Protocol)
SIP is an application layer signaling protocol create, modify and terminate sessions two or more participants
Uses URL style addresses and syntax Flexible transport: can use UDP, TCP, TLS, or SCTP Establish media sessions, e.g. RTP/RTCP streams carrying
audio or video data, where session details are commonly negotiated using SDP
Basic Call With SIP
SIP session establishment
Voice data
SIP session tear-down
Endpoints must find each other’s IP addresses
SIP Commands are Called Methods
SIP Method Description INVITE Invites a user to a call ACK Used to facilitate reliable message exchange for INVITEs BYE Terminates a connection between users or declines a call CANCEL Terminates a request, or search, for a user OPTIONS Solicits information about a server's capabilities REGISTER Registers a user's current location INFO Used for mid-session signaling
SIP Extension Description SUBSCRIBE instant messaging and presence NOTIFY (RFC3265, RFC3428, draft-ietf-simple-*) MESSAGE REFER call transfer (RFC3515) PRACK provisional reliable responses acknowledgement (RFC3262) INFO mid-call signaling (RFC 2976)
SIP Response Codes
1yz Informational– 100 Trying– 180 Ringing (ringing tone played locally)– 181 Call is Being Forwarded2yz Success– 200 ok3yz Redirection– 300 Multiple Choices– 301 Moved Permanently– 302 Moved Temporarily
Borrowed from HTTP: xyz explanatory text Receivers need to understand response class (“x”) x80 and higher codes avoid conflicts with future http response codes
4yz Client error– 400 Bad Request– 401 Unauthorized– 482 Loop Detected– 486 Busy Here5yz Server failure– 500 Server Internal Error6yz Global Failure– 600 Busy Everywhere
RTP (Real-time Transport Protocol)
RTP, the real-time transport protocol. RTP provides end-to-end network transport functions suitable for applications transmitting real-time data, such as audio, video or simulation data, over multicast or unicast network services.
Typically, RTP uses UDP as its transport protocol. RTP does not have a well known UDP port. Instead, the ports are allocated dynamically and then signaled using a different protocol such as SIP or H245.
Methodology
Packets sniffing
Outgoing call attempt is cancelled
Dial the destination phone number Capture SIP packets Analysis
Outgoing call attempt is cancelled
Outgoing call attempt is cancelled
Outgoing call attempt is cancelled
Outgoing call is established
Dial the destination phone number Capture SIP packets Analysis
Outgoing call is established
Outgoing call is established
RTP Analysis
RTP Analysis
RTP Analysis