Home > SER | SIP | VoIP > Opensips Üzerinden SRTP ( Secure Real Time Protocol ) Testleri

Opensips Üzerinden SRTP ( Secure Real Time Protocol ) Testleri

İş VoIP olunca ve bu görüşmelerde internet üzerinden olunca akla ilk gelen sorulardan birisi görüşmelerin dinlenmesi mevzusudur. İşte tamda bu noktada SRTP işin içerisine girmektedir. Güvenli VoIP görüşmeleriyle alakalı yakında detaylı bir makale yazıp sizlerle paylaşmayı düşünüyorum. Fakat şimdi bunun da ötesine giderek SRTP ile yaptığım bir görüşmenin detaylarını inceleyelim.

opensips kurulu linux servera ngrep yüklüyorum ve yaptığım çağrıların loglarını inceliyorum.

# apt-get install ngrep

kurulum tamamlandıktan sonra;

# ngrep -p -q -W byline port 5060

komutunu çalıştırarak logları takip ediyorum.

opensips serverda 100 kullanıcı adına eyebeam softphone register edip 101 kullanıcısına da grandstream ip phone register ederek yapılan aramanın loglarına bakıyorum;

aramanın tüm loglarını aşağıda görebilirsiniz;

# ngrep -p -q -W byline port 5060
interface: eth0 (10.0.10.0/255.255.255.0)
filter: (ip or ip6) and ( port 5060 )
U 10.0.10.118:63730 -> 10.0.10.237:5060
INVITE sip:101@10.0.10.237 SIP/2.0.
Via: SIP/2.0/UDP 10.0.10.118:63730;branch=z9hG4bK-d8754z-69501e59f058044c-1---d8754z-;rport.
Max-Forwards: 70.
Contact: <sip:100@10.0.10.118:63730>.
To: "101"<sip:101@10.0.10.237>.
From: "100"<sip:100@10.0.10.237>;tag=5519ba6d.
Call-ID: NjI1ZjNlNWY1Y2VmMGQ4ZTQwODFmNGEwOWIxMmM5ODM..
CSeq: 1 INVITE.
Allow: INVITE, ACK, CANCEL, OPTIONS, BYE, REFER, NOTIFY, MESSAGE, SUBSCRIBE, INFO.
Content-Type: application/sdp.
User-Agent: eyeBeam release 1102q stamp 51814.
Content-Length: 580.
.
v=0.
o=- 7 2 IN IP4 10.0.10.118.
s=CounterPath eyeBeam 1.5.
c=IN IP4 10.0.10.118.
t=0 0.
m=audio 24890 RTP/SAVP 107 0 8 18 101.
a=alt:1 3 : sitJQlHf Ov/HWtyn 10.0.10.118 24890.
a=alt:2 2 : INjSJf9L BxWT4Cqj 192.168.29.1 24890.
a=alt:3 1 : MhWPoocz RczjackL 192.168.245.1 24890.
a=crypto:1 AES_CM_128_HMAC_SHA1_80 inline:YYBmgYduz3u0u4rSVHR/x6BXVWNCWeqDmyw8ZRL6.
a=crypto:2 AES_CM_128_HMAC_SHA1_32 inline:A0ZxonBpfaUnRkQoqOp5B+LehBMzCVqbFyD6v0TU.
a=fmtp:18 annexb=yes.
a=fmtp:101 0-15.
a=rtpmap:107 BV32/16000.
a=rtpmap:18 G729/8000.
a=rtpmap:101 telephone-event/8000.
a=sendrecv.
U 10.0.10.237:5060 -> 10.0.10.118:63730
SIP/2.0 100 Giving a try.
Via: SIP/2.0/UDP 10.0.10.118:63730;branch=z9hG4bK-d8754z-69501e59f058044c-1---d8754z-;rport=63730.
To: "101"<sip:101@10.0.10.237>.
From: "100"<sip:100@10.0.10.237>;tag=5519ba6d.
Call-ID: NjI1ZjNlNWY1Y2VmMGQ4ZTQwODFmNGEwOWIxMmM5ODM..
CSeq: 1 INVITE.
Server: OpenSIPS (1.5.3-notls (x86_64/linux)).
Content-Length: 0.
.
U 10.0.10.237:5060 -> 10.0.10.15:5070
INVITE sip:101@10.0.10.15:5070;transport=udp SIP/2.0.
Record-Route: <sip:10.0.10.237;lr=on>.
Via: SIP/2.0/UDP 10.0.10.237;branch=z9hG4bK7c99.a9bf07a1.0.
Via: SIP/2.0/UDP 10.0.10.118:63730;received=10.0.10.118;branch=z9hG4bK-d8754z-69501e59f058044c-1---d8754z-;rport=63730.
Max-Forwards: 69.
Contact: <sip:100@10.0.10.118:63730>.
To: "101"<sip:101@10.0.10.237>.
From: "100"<sip:100@10.0.10.237>;tag=5519ba6d.
Call-ID: NjI1ZjNlNWY1Y2VmMGQ4ZTQwODFmNGEwOWIxMmM5ODM..
CSeq: 1 INVITE.
Allow: INVITE, ACK, CANCEL, OPTIONS, BYE, REFER, NOTIFY, MESSAGE, SUBSCRIBE, INFO.
Content-Type: application/sdp.
User-Agent: eyeBeam release 1102q stamp 51814.
Content-Length: 580.
.
v=0.
o=- 7 2 IN IP4 10.0.10.118.
s=CounterPath eyeBeam 1.5.
c=IN IP4 10.0.10.118.
t=0 0.
m=audio 24890 RTP/SAVP 107 0 8 18 101.
a=alt:1 3 : sitJQlHf Ov/HWtyn 10.0.10.118 24890.
a=alt:2 2 : INjSJf9L BxWT4Cqj 192.168.29.1 24890.
a=alt:3 1 : MhWPoocz RczjackL 192.168.245.1 24890.
a=crypto:1 AES_CM_128_HMAC_SHA1_80 inline:YYBmgYduz3u0u4rSVHR/x6BXVWNCWeqDmyw8ZRL6.
a=crypto:2 AES_CM_128_HMAC_SHA1_32 inline:A0ZxonBpfaUnRkQoqOp5B+LehBMzCVqbFyD6v0TU.
a=fmtp:18 annexb=yes.
a=fmtp:101 0-15.
a=rtpmap:107 BV32/16000.
a=rtpmap:18 G729/8000.
a=rtpmap:101 telephone-event/8000.
a=sendrecv.
U 10.0.10.15:5070 -> 10.0.10.237:5060
SIP/2.0 100 Trying.
Via: SIP/2.0/UDP 10.0.10.237;branch=z9hG4bK7c99.a9bf07a1.0.
Via: SIP/2.0/UDP 10.0.10.118:63730;received=10.0.10.118;branch=z9hG4bK-d8754z-69501e59f058044c-1---d8754z-;rport=63730.
From: "100"<sip:100@10.0.10.237>;tag=5519ba6d.
To: "101"<sip:101@10.0.10.237>.
Call-ID: NjI1ZjNlNWY1Y2VmMGQ4ZTQwODFmNGEwOWIxMmM5ODM..
CSeq: 1 INVITE.
User-Agent: Grandstream GXP2020 1.2.2.14.
Content-Length: 0.
.
U 10.0.10.15:5070 -> 10.0.10.237:5060
SIP/2.0 180 Ringing.
Via: SIP/2.0/UDP 10.0.10.237;branch=z9hG4bK7c99.a9bf07a1.0.
Via: SIP/2.0/UDP 10.0.10.118:63730;received=10.0.10.118;branch=z9hG4bK-d8754z-69501e59f058044c-1---d8754z-;rport=63730.
Record-Route: <sip:10.0.10.237;lr=on>.
From: "100"<sip:100@10.0.10.237>;tag=5519ba6d.
To: "101"<sip:101@10.0.10.237>;tag=482a0e6c73279ef6.
Call-ID: NjI1ZjNlNWY1Y2VmMGQ4ZTQwODFmNGEwOWIxMmM5ODM..
CSeq: 1 INVITE.
User-Agent: Grandstream GXP2020 1.2.2.14.
Contact: <sip:101@10.0.10.15:5070;transport=udp>.
Allow: INVITE,ACK,CANCEL,BYE,NOTIFY,REFER,OPTIONS,INFO,SUBSCRIBE,UPDATE,PRACK,MESSAGE.
Content-Length: 0.
.
U 10.0.10.237:5060 -> 10.0.10.118:63730
SIP/2.0 180 Ringing.
Via: SIP/2.0/UDP 10.0.10.118:63730;received=10.0.10.118;branch=z9hG4bK-d8754z-69501e59f058044c-1---d8754z-;rport=63730.
Record-Route: <sip:10.0.10.237;lr=on>.
From: "100"<sip:100@10.0.10.237>;tag=5519ba6d.
To: "101"<sip:101@10.0.10.237>;tag=482a0e6c73279ef6.
Call-ID: NjI1ZjNlNWY1Y2VmMGQ4ZTQwODFmNGEwOWIxMmM5ODM..
CSeq: 1 INVITE.
User-Agent: Grandstream GXP2020 1.2.2.14.
Contact: <sip:101@10.0.10.15:5070;transport=udp>.
Allow: INVITE,ACK,CANCEL,BYE,NOTIFY,REFER,OPTIONS,INFO,SUBSCRIBE,UPDATE,PRACK,MESSAGE.
Content-Length: 0.
.
U 10.0.10.15:5070 -> 10.0.10.237:5060
SIP/2.0 200 OK.
Via: SIP/2.0/UDP 10.0.10.237;branch=z9hG4bK7c99.a9bf07a1.0.
Via: SIP/2.0/UDP 10.0.10.118:63730;received=10.0.10.118;branch=z9hG4bK-d8754z-69501e59f058044c-1---d8754z-;rport=63730.
Record-Route: <sip:10.0.10.237;lr=on>.
From: "100"<sip:100@10.0.10.237>;tag=5519ba6d.
To: "101"<sip:101@10.0.10.237>;tag=482a0e6c73279ef6.
Call-ID: NjI1ZjNlNWY1Y2VmMGQ4ZTQwODFmNGEwOWIxMmM5ODM..
CSeq: 1 INVITE.
User-Agent: Grandstream GXP2020 1.2.2.14.
Contact: <sip:101@10.0.10.15:5070;transport=udp>.
Allow: INVITE,ACK,CANCEL,BYE,NOTIFY,REFER,OPTIONS,INFO,SUBSCRIBE,UPDATE,PRACK,MESSAGE.
Content-Type: application/sdp.
Supported: replaces, timer.
Content-Length: 291.
.
v=0.
o=101 8000 8000 IN IP4 10.0.10.15.
s=SIP Call.
c=IN IP4 10.0.10.15.
t=0 0.
m=audio 5072 RTP/SAVP 0 101.
a=sendrecv.
a=crypto:1 AES_CM_128_HMAC_SHA1_80 inline:1qu3biiIY6/ePz4TrdDdroT0XXoJcN6sS40bbs/O.
a=rtpmap:0 PCMU/8000.
a=ptime:20.
a=rtpmap:101 telephone-event/8000.
a=fmtp:101 0-11.
U 10.0.10.237:5060 -> 10.0.10.118:63730
SIP/2.0 200 OK.
Via: SIP/2.0/UDP 10.0.10.118:63730;received=10.0.10.118;branch=z9hG4bK-d8754z-69501e59f058044c-1---d8754z-;rport=63730.
Record-Route: <sip:10.0.10.237;lr=on>.
From: "100"<sip:100@10.0.10.237>;tag=5519ba6d.
To: "101"<sip:101@10.0.10.237>;tag=482a0e6c73279ef6.
Call-ID: NjI1ZjNlNWY1Y2VmMGQ4ZTQwODFmNGEwOWIxMmM5ODM..
CSeq: 1 INVITE.
User-Agent: Grandstream GXP2020 1.2.2.14.
Contact: <sip:101@10.0.10.15:5070;transport=udp>.
Allow: INVITE,ACK,CANCEL,BYE,NOTIFY,REFER,OPTIONS,INFO,SUBSCRIBE,UPDATE,PRACK,MESSAGE.
Content-Type: application/sdp.
Supported: replaces, timer.
Content-Length: 291.
.
v=0.
o=101 8000 8000 IN IP4 10.0.10.15.
s=SIP Call.
c=IN IP4 10.0.10.15.
t=0 0.
m=audio 5072 RTP/SAVP 0 101.
a=sendrecv.
a=crypto:1 AES_CM_128_HMAC_SHA1_80 inline:1qu3biiIY6/ePz4TrdDdroT0XXoJcN6sS40bbs/O.
a=rtpmap:0 PCMU/8000.
a=ptime:20.
a=rtpmap:101 telephone-event/8000.
a=fmtp:101 0-11.
U 10.0.10.118:63730 -> 10.0.10.237:5060
ACK sip:101@10.0.10.15:5070;transport=udp SIP/2.0.
Via: SIP/2.0/UDP 10.0.10.118:63730;branch=z9hG4bK-d8754z-394bad653c6d521e-1---d8754z-;rport.
Max-Forwards: 70.
Route: <sip:10.0.10.237;lr>.
Contact: <sip:100@10.0.10.118:63730>.
To: "101"<sip:101@10.0.10.237>;tag=482a0e6c73279ef6.
From: "100"<sip:100@10.0.10.237>;tag=5519ba6d.
Call-ID: NjI1ZjNlNWY1Y2VmMGQ4ZTQwODFmNGEwOWIxMmM5ODM..
CSeq: 1 ACK.
User-Agent: eyeBeam release 1102q stamp 51814.
Content-Length: 0.
.
U 10.0.10.118:63730 -> 10.0.10.237:5060
.
.
..............
U 10.0.10.237:5060 -> 10.0.10.15:5070
ACK sip:101@10.0.10.15:5070;transport=udp SIP/2.0.
Via: SIP/2.0/UDP 10.0.10.237;branch=z9hG4bK7c99.a9bf07a1.2.
Via: SIP/2.0/UDP 10.0.10.118:63730;received=10.0.10.118;branch=z9hG4bK-d8754z-394bad653c6d521e-1---d8754z-;rport=63730.
Max-Forwards: 69.
Contact: <sip:100@10.0.10.118:63730>.
To: "101"<sip:101@10.0.10.237>;tag=482a0e6c73279ef6.
From: "100"<sip:100@10.0.10.237>;tag=5519ba6d.
Call-ID: NjI1ZjNlNWY1Y2VmMGQ4ZTQwODFmNGEwOWIxMmM5ODM..
CSeq: 1 ACK.
User-Agent: eyeBeam release 1102q stamp 51814.
Content-Length: 0.
.
U 10.0.10.15:5070 -> 10.0.10.237:5060
BYE sip:100@10.0.10.118:63730 SIP/2.0.
Via: SIP/2.0/UDP 10.0.10.15:5070;branch=z9hG4bK1efbbbcb007e8d49.
Route: <sip:10.0.10.237;lr=on>.
From: "101"<sip:101@10.0.10.237>;tag=482a0e6c73279ef6.
To: "100"<sip:100@10.0.10.237>;tag=5519ba6d.
Supported: path.
X-Grandstream-PBX: true.
Call-ID: NjI1ZjNlNWY1Y2VmMGQ4ZTQwODFmNGEwOWIxMmM5ODM..
CSeq: 8448 BYE.
User-Agent: Grandstream GXP2020 1.2.2.14.
Max-Forwards: 70.
Allow: INVITE,ACK,CANCEL,BYE,NOTIFY,REFER,OPTIONS,INFO,SUBSCRIBE,UPDATE,PRACK,MESSAGE.
Reason: SIP ;text="Onhook event".
Content-Length: 0.
.
U 10.0.10.237:5060 -> 10.0.10.118:63730
BYE sip:100@10.0.10.118:63730 SIP/2.0.
Via: SIP/2.0/UDP 10.0.10.237;branch=z9hG4bKabc2.fde9df6.0.
Via: SIP/2.0/UDP 10.0.10.15:5070;branch=z9hG4bK1efbbbcb007e8d49.
From: "101"<sip:101@10.0.10.237>;tag=482a0e6c73279ef6.
To: "100"<sip:100@10.0.10.237>;tag=5519ba6d.
Supported: path.
X-Grandstream-PBX: true.
Call-ID: NjI1ZjNlNWY1Y2VmMGQ4ZTQwODFmNGEwOWIxMmM5ODM..
CSeq: 8448 BYE.
User-Agent: Grandstream GXP2020 1.2.2.14.
Max-Forwards: 69.
Allow: INVITE,ACK,CANCEL,BYE,NOTIFY,REFER,OPTIONS,INFO,SUBSCRIBE,UPDATE,PRACK,MESSAGE.
Reason: SIP ;text="Onhook event".
Content-Length: 0.
.
U 10.0.10.118:63730 -> 10.0.10.237:5060
SIP/2.0 200 OK.
Via: SIP/2.0/UDP 10.0.10.237;branch=z9hG4bKabc2.fde9df6.0.
Via: SIP/2.0/UDP 10.0.10.15:5070;branch=z9hG4bK1efbbbcb007e8d49.
Contact: <sip:100@10.0.10.118:63730>.
To: "100"<sip:100@10.0.10.237>;tag=5519ba6d.
From: "101"<sip:101@10.0.10.237>;tag=482a0e6c73279ef6.
Call-ID: NjI1ZjNlNWY1Y2VmMGQ4ZTQwODFmNGEwOWIxMmM5ODM..
CSeq: 8448 BYE.
User-Agent: eyeBeam release 1102q stamp 51814.
Content-Length: 0.
.
U 10.0.10.237:5060 -> 10.0.10.15:5070
SIP/2.0 200 OK.
Via: SIP/2.0/UDP 10.0.10.15:5070;branch=z9hG4bK1efbbbcb007e8d49.
Contact: <sip:100@10.0.10.118:63730>.
To: "100"<sip:100@10.0.10.237>;tag=5519ba6d.
From: "101"<sip:101@10.0.10.237>;tag=482a0e6c73279ef6.
Call-ID: NjI1ZjNlNWY1Y2VmMGQ4ZTQwODFmNGEwOWIxMmM5ODM..
CSeq: 8448 BYE.
User-Agent: eyeBeam release 1102q stamp 51814.
Content-Length: 0.

Burada dikkati çekmek istediğim nokta loglardaki SDP paketlerindeki crypto kısımlarını incelemenizdir.

a=crypto:1 AES_CM_128_HMAC_SHA1_80 inline:YYBmgYduz3u0u4rSVHR/x6BXVWNCWeqDmyw8ZRL6.
a=crypto:2 AES_CM_128_HMAC_SHA1_32 inline:A0ZxonBpfaUnRkQoqOp5B+LehBMzCVqbFyD6v0TU.

SDP kısmındaki crypto headerlarının bulunması aramanın şifrelenmiş olduğunu gösterir.

Yazının devamı gelecektir.





Share



Related posts:
    

  1. secure-digest authentication
    2. 

  2. VoIP te cihazların Softswitch ile REGISTER olma durumları
    3. 

  3. registerdan düşme isteği mesajı
    4. 

  4. 9 Adımda Ubuntu 9.04 Server’a Opensips 1.5.3 Kurulumu
    5. 

 	
 		 		PDF Creator 		   		Send article as PDF 		   		 		 	
 

								

					  , 									

		

						

	
	
	


			
								

				
Bir Cevap Yazın 

									

																			
E-posta hesabınız yayımlanmayacak. Gerekli alanlar * ile işaretlenmişlerdir
							
 *




												
						
Şu HTML etiketlerini ve özelliklerini kullanabilirsiniz:  <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong> 
						

							
							

						

						
					

							

			

				
Trackbacks:0

				

				
Listed below are links to weblogs that reference

				
Opensips Üzerinden SRTP ( Secure Real Time Protocol ) Testleri from Outlier

				

			

	

	

	
	


TOP