VoIP (voice over IP) networks are currently being deployed by enterprises, governments, and service providers around the globe and are used by millions of individuals each day. Today, the hottest topic with engineers in the field is how to secure these networks. "Understanding Voice over IP Security" offers this critical knowledge. The book teaches practitioners how to design a highly secure VoIP network, explains Internet security basics, such as attack types and methods, and details all the key security aspects of a VoIP system, including identity, authentication, signaling, and media encryption. What's more, the book presents techniques used to combat spam and covers the future problems of spim (spam over instant messaging) and spim (spam over internet telephony).

WebRTC, Web Real-Time Communications, is revolutionizing the way web users communicate, both in the consumer and enterprise worlds. WebRTC adds standard APIs (Application Programming Interfaces) and built-in real-time audio and video capabilities and codecs to browsers without a plug-in. With just a few lines of JavaScript, web developers can add high quality peer-to-peer voice, video, and data channel communications to their collaboration, conferencing, telephony, or even gaming site or application.
New for the Third Edition
The third edition has an enhanced demo application which now shows the use of the data channel for real-time text sent directly between browsers. Also, a full description of the browser media negotiation process including actual SDP session descriptions from Firefox and Chrome. Hints on how to use Wireshark to monitor WebRTC protocols, and example captures are also included. TURN server support for NAT and firewall traversal is also new.
This edition also features a step-by-step introduction to WebRTC, with concepts such as local media, signaling, and the Peer Connection introduced through separate runnable demos.
Written by experts involved in the standardization effort, this book contains the most up to date discussion of WebRTC standards in W3C and IETF. Packed with figures, example code, and summary tables, this book is the ultimate WebRTC reference.
Table of Contents
1 Introduction to Web Real-Time Communications
1.1 WebRTC Introduction
1.2 Multiple Media Streams in WebRTC
1.3 Multi-Party Sessions in WebRTC
1.4 WebRTC Standards
1.5 What is New in WebRTC
1.6 Important Terminology Notes
1.7 References
2 How to Use WebRTC
2.1 Setting Up a WebRTC Session
2.2 WebRTC Networking and Interworking Examples
2.3 WebRTC Pseudo-Code Example
2.4 References
3 Local Media
3.1 Media in WebRTC
3.2 Capturing Local Media
3.3 Media Selection and Control
3.4 Media Streams Example
3.5 Local Media Runnable Code Example
4 Signaling
4.1 The Role of Signaling
4.2 Signaling Transport
4.3 Signaling Protocols
4.4 Summary of Signaling Choices
4.5 Signaling Channel Runnable Code Example
4.6 References
5 Peer-to-Peer Media
5.1 WebRTC Media Flows
5.2 WebRTC and Network Address Translation (NAT)
5.3 STUN Servers
5.4 TURN Servers
5.5 Candidates
6 Peer Connection and Offer/Answer Negotiation
6.1 Peer Connections
6.2 Offer/Answer Negotiation
6.3 JavaScript Offer/Answer Control
6.4 Runnable Code Example: Peer Connection and Offer/Answer Negotiation
7 Data Channel
7.1 Introduction to the Data Channel
7.2 Using Data Channels
7.3 Data Channel Runnable Code Example
7.3.1 Client WebRTC Application
8 W3C Documents
8.1 WebRTC API Reference
8.2 WEBRTC Recommendations
8.3 WEBRTC Drafts
8.4 Related Work
8.5 References
9 NAT and Firewall Traversal
9.1 Introduction to Hole Punching
9.3 WebRTC and Firewalls
9.3.1 WebRTC Firewall Traversal
9.4 References
10 Protocols
10.1 Protocols
10.2 WebRTC Protocol Overview
10.3 References
11 IETF Documents
11.1 Request For Comments
11.2 Internet-Drafts
11.3 RTCWEB Working Group Internet-Drafts
11.4 Individual Internet-Drafts
11.5 RTCWEB Documents in Other Working Groups
11.6 References
12 IETF Related RFC Documents
12.1 Real-time Transport Protocol
12.2 Session Description Protocol
12.3 NAT Traversal RFCs
12.4 Codecs
12.5 Signaling
12.6 References
13 Security and Privacy
13.1 Browser Security Model
13.2 New WebRTC Browser Attacks
13.3 Communication Security
13.4 Identity in WebRTC
13.5 Enterprise Issues
14 Implementations and Uses
INDEX
ABOUT THE AUTHORS

Can a security expert save the Internet from a catastrophic zero day cyber attack by a network of zombie computers, known as a botnet? At what cost? "Credible and believable, this story is told by a subject matter expert. I could not wait to find out what happened next." - Vint Cerf, Internet pioneer "The threat to the Internet from worms, viruses, botnets, and zombie computers is real, and growing. Counting from Zero is a great way to come up to speed on the alarming state of affairs, and Johnston draws you in with his story and believable cast of characters." - Phil Zimmermann, creator of Pretty Good Privacy (PGP) the most widely used email encryption program Today, every computer connected to the Internet is under constant attack from viruses, worms, port scans, and spam. Security professionals continually fight to contain newly unleashed cyber attacks, known as 'zero day' attacks, only to have new attacks launched. Millions of computers have already succumbed, and, without their owner's knowledge, have become slave computers - remotely controlled 'zombies'. Under the control of organized crime and backed by foreign governments, these computers are morphing into collections known in the industry as botnets, short for robot networks. Internet security expert Mick O'Malley is the only one who recognizes the growing threat of the ultimate zero day attack on the Internet from a massive botnet, and his unique hacker skills and network of colleagues enable him to fight back. More cyber prep than cyber punk, Mick uses real-life tools and techniques to encrypt all his communications, and uses these skills to break the encryption used by the botnet. Mick uses encryption on a personal level, too, having multiple passports and multiple names and identities. While crisscrossing the globe in the air, on land, and at sea investigating the threat, Mick becomes the target of attacks on his reputation, his identity, and ultimately his life. Along the way, Mick meets Kateryna Petrescu, a beautiful Romanian firewall expert. Mick's attraction to Kateryna develops as they work closely together and share the excitement and danger. Why is the government following Mick and trying to intercept his communications? Can he stop the zero day attack before it is unleashed? What will be the cost to Mick for his single mindedness? Unfolding across three continents, the new techno thriller "Counting from Zero" gives a realistic insider's view of the thrust and parry world of computer security and cryptography, and the very real threat of botnets.