`
` §
`
`Michael Gough
`
`
`
`The Perfect Reference for the Multitasked SysAdrnin
`
`- Discover Why “Measure Twice, Cut Once” Applies to Securing a VolP
`Infrastructure
`
`. Learn How to Secure an Entire VolP Infrastructure and Defend Against Denial-
`of-Service and Hijacking Attacks
`
`' The Perfect Guide if VolP Engineering is NOT Your Specialty
`
`Thomas Porter
`
`Page 1 of 14
`
`Facebook's Exhibit No. 1032
`
`Page 1
`
`Page 1 of 14
`
`
`
`Facebook's Exhibit No. 1032
`Page 1
`
`
`
`
`
`
`
`Syngress Publishing, Inc., the author(s), and any person or firm involved in the Writing, editing, or production (col-
`lectively “Makers”) oFthis book (“the Work”) do not guarantee or warrant the results to be obtained from the
`Work.
`
`There is no guarantee of any kind, expressed or implied, regarding the Work or its contents.The Work is sold AS IS
`and WITHOUT WARRANTYYou may have other legal rights, which vary from state to state
`In no event will Makers be liable to you for damages, including any loss of” profits, lost savings, or other incidental or
`consequential damages arising out from the Work or its contents Because some states do not allow the exclusion or
`limitation of liability for consequential or incidental damages, the above limitation may not apply to you.
`You should always use reasonable care, including backup and other appropriate precautions, when working with
`computers, networks, data, and files.
`
`Syngress Media®, Syngress®, “Career Advancement Through Skill Enhancement®,”“Ask the Author UPDATE®,”
`and “Hack Proofing®,” are registered trademarks of Syngress Publishing, Inc, “Syngress:'i‘lie Definition of a Serious
`Security Library”m, “Mission CriticalTM,” and “The Only Way to Stop a Hacker is to Think Like Onem” are trade—
`marks of Syngress Publishing, Inc, Brands and product names mentioned in this book are trademarks or service
`marks of their respective companies.
`KEY
`SERIAL NUMBER
`001
`HJIRTCV764
`002
`PO9873D5FG
`003
`829KM8NJHZ
`004
`VTY4SQ9PLA
`005
`CVPLQ6WQ23
`006
`VBP965T5T5
`007
`HJJJSG3WD3E
`008
`2987GVTWMK
`009
`629MPSSDJT
`010
`IMWQ29ST6'J‘
`
`PUBLISHED BY
`Syngress Publishing, Inc.
`800 Hingham Street
`Rockland, MA 02370
`
`How to Cheat at VolP Security
`Copyright © 2007 by Syngress Publishing, inc. All rights reserved. Printed in the United States ofAmerica. Except
`as permitted under the CopyrightAct of 1976, no part of this publication may be reproduced or distributed in any
`form or by any means, or stored in a database or retrieval system, without the prior written permission of the pub—
`lisher, with the exception that the program listings may be entered, stored, and executed in a computer system, but
`they may not be reproduced for publication.
`
`Printed in the United States of America
`1
`2 3 4 5 6 7 8 9 0
`
`1—59749—169—1
`ISBN 10:
`ISBN [3: 978—1—59749~169—3
`
`PublisherzAmorette Pedersen
`Acquisitions Editor: Gary Byrne
`Technical Editor:Thomas Porter
`Cover Designer: Michael Kavish
`
`,
`
`Page Layout and Art: Patricia Lupien
`Copy Editors: Adrienne Rebclio, Mike
`McGee
`Indexer: Nara Wood
`
`Distributed by O’Reilly Media, Inc. in the United States and Canada.
`For information on rights, translations, and bulk sales, contact Matt Pedersen, Director of Sales and Rights, at
`Syngress Publishing; email matt@syngress.com or fax to 781—681—3585.
`
`‘,
`
`
`
`Page 2 of 14
`
`Facebook's Exhibit No. 1032
`
`Page 2
`
`Page 2 of 14
`
`Facebook's Exhibit No. 1032
`Page 2
`
`
`
`
`
`Contents
`
`Chapter 1 Introduction to VoIP Security ............... 1
`Introduction ..................................... 2
`The Switch Leaves the Basement ..................... 4
`What Is VoIP? ................................... 6
`VoIP Benefits ................................. 6
`VoIP Protocols ................................ 8
`VoIP Isn’t Just Another Data Protocol .................. 9
`Security Issues in Converged Networks ................ 11
`VoIP Threats ................................. 14
`A New Security Model ............................ 15
`Summary ...................................... 1 6
`Chapter 2 The Hardware Infrastructure .............. 19
`Introduction .................................... 20
`Traditional PBX Systems ...........................21
`PBX Lines .................................. 22
`PBX Trunks ................................. 24
`PBX Features ................................ 25
`PBX Adjunct Servers ........................... 28
`Voice Messaging ............................ 28
`Interactive Voice Response Servers ..............29
`Wireless PBX Solutions ......................... 30
`Other PBX Solutions .......................... 30
`PBX Alternatives ................................ 30
`VolP'l‘elephony and Infrastructure .
`r
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`r
`.31
`Media Servers ................................ 31
`Interactive Media Service: Media Servers .......... 32
`Call or Resource Control: Media Servers .......... 32
`Media Gateways
`........................... 33
`Firewalls and Application—Layer Gateways ......... 34
`Application Proxies .......................... 34
`Endpoints(UserAgents) 3'3
`IP Switches and Routers ........................ 38
`Wireless Infrastructure .......................... 38
`Wireless Encryption: WEP .................... 38
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`Page 3 of 14
`
`Facebook's Exhibit No. 1032
`
`Page 3
`
`Page 3 of 14
`
`Facebook's Exhibit No. 1032
`Page 3
`
`
`
`xii
`
`Contents
`
`Wireless Encryption: WPAZ ................... 39
`Authentication: 802.1x ....................... 40
`Power—Supply Infrastructure ..................... 41
`
`Power—over—Ethernet (IEEE 802.3af) ............ 41
`UPS ..................................... 42
`Energy and Heat Budget Considerations .......... 43
`Summary ...................................... 44
`
`Chapter 3 Architectures ........................... 45
`Introduction .................................... 46
`PSTN: What Is It, and How Does It Work? ............. 46
`PSTN: Outside Plant .......................... 46
`PSTN: Signal Transmission ...................... 49
`
`T1 Transmission: Digital Time Division Multiplexing 49
`PSTN: Switching and Signaling ................... 55
`The Intelligent Network (IN), Private
`Integrated Services, ISDN, and QSIG ............ 56
`ITU~T Signaling System Number 7 (SS7) ......... 57
`PSTN: Operational and Regulatory Issues ........... 61
`PSTN Call Flow ................................. 61
`PSTN Protocol Security
`.......................... 64
`SS7 and Other ITU—T Signaling Security ........... 64
`ISUP and QSIG Security ..................... 66
`The H.323 Protocol Specification
`................... 67
`The Primary H.323 VoIP—Related Protocols ............ 68
`H.225/Q.931 Cell Signaling ..................... 71
`H.245 Call Control Messages .................... 75
`Real—Time Transport Protocol .................... 77
`H.235 Security Mechanisms ........................ 78
`Understanding SIP ............................... 82
`Overview of SIP .............................. 83
`RFC 2543 / RFC 3261 ...................... 84
`SIP and Mbone ............................ 85
`081 ..................................... 85
`SIP Functions and Features ......................... 87
`User Location ............................. 88
`User Availability ............................ 88
`User Capabilities ........................... 88
`Session Setup .............................. 89
`
`
`
`Page 4 of 14
`
`Facebook's Exhibit No. 1032
`
`Page 4
`
`Page 4 of 14
`
`Facebook's Exhibit No. 1032
`Page 4
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`Contents
`
`
`
`Session Management ......................... 89
`SIP URIS ....................... ‘ ............ 89
`SIP Architecture ................................. 90
`SIP Components .............................. 90
`User Agents ............................... 90
`SIP Server ................................ 91
`Stateful versus Stateless ....................... 92
`Location Service ............................ 92
`Client/Server versus Peer—to—Peer Architecture ........ 93
`Client/ Server .............................. 93
`Peer to Peer ............................... 94
`SIP Requests and Responses .....................94
`Protocols Used with SIP ........................ 97
`UDP .................................... 97
`Transport Layer Security ...................... 98
`Other Protocols Used by SIP .................. 99
`Understanding SIP’s Architecture ................. 102
`SIP Registration ........................... 102
`Requests through Proxy Servers ............... 103
`Requests through Redirect Servers ............. 103
`Peer to Peer .............................. 104
`Instant Messaging and SIMPLE ..................... 105
`Instant Messaging ............................ 106
`SIMPLE ................................... 107
`Summary ..................................... 109
`Chapter 4 Support Protocols ...................... 111
`Introduction ................................... 1 12
`DNS ........................................ 112
`DNS Architecture ............................ 113
`Fully Qualified Domain Name ................ 114
`DNS Client Operation ...................... 115
`DNS Server Operation ...................... 116
`Security Implications for DNS ................... 117
`'I‘FTP .
`.
`., ..................................... 118
`TFTP Security Concerns ....................... 118
`TFTP File Transfer Operation ................. 119
`Security Implications for TFTP .................. 119
`HTTP ....................................... 120
`HTTP Protocol .............................. 121
`
`Page 5 of 14
`
`Facebook's Exhibit No. 1032
`
`Page 5
`
`Page 5 of 14
`
`Facebook's Exhibit No. 1032
`Page 5
`
`
`
`XiV
`
`Contents
`
`HTTP Client Request ...................... 121
`HTTP Server Response ..................... 122
`Security Implications for HTTP ................. 122
`SNMP ....................................... 123
`SNMP Architecture ........................... 124
`SNMP Operation .......................... 124
`SNMP Architecture ........................... 125
`DHCP ....................................... 126
`DHCP Protocol ............................. 126
`DHCP Operation .......................... 127
`Security Implications for DHCP ................. 128
`RSVP ....................................... 129
`RSVP Protocol .............................. 130
`RSVP Operation .......................... 130
`Security Implications for RSVP .................. 131
`SDP ......................................... 132
`SDP Specifications ........................... 132
`SDP Operation ............................ 133
`Security Implications for SDP ................... 134
`Skinny ....................................... 135
`Skinny Specifications .......................... 135
`Skinny Operation .......................... 135
`Security Implications for Skinny ................. 136
`Summary ..................................... 138
`
`i
`
`1
`1
`;
`i
`i
`
`2
`<
`
`i
`
`. 141
`Chapter 5 Threats to VolP Communications Systems .
`Introduction ................................... 142
`Denial—of—Service or VoIP Service Disruption .......... 142
`Call Hijacking and Interception ..................... 148
`ARP Spoofing .............................. 151
`H.323—Specific Attacks ........................... 155
`SIP—Specific Attacks ............................. 156
`Summary ..................................... 157
`Chapter 6 Confirm User Identity ................... 159
`v Introduction ................................... 160
`802.1x and 802.11i (VVPAZ) ....................... 163
`802.1x/EAP Authentication ..................... 164
`Supplicant (Peer) .......................... 164
`Authenticator ............................. 164
`
`‘
`i
`
`1
`i
`i
`
`1 P
`
`age 6 of 14
`
`Facebook's Exhibit No. 1032
`
`Page 6
`
`Page 6 of 14
`
`Facebook's Exhibit No. 1032
`Page 6
`
`
`
`Contents
`
`
`
`Authentication Server ....................... 164
`EAP Authentication Types ...................... ‘167
`EAP—TLS ................................ 169
`EAP—PEAP .............................. 171
`EAP—T'I‘LS .............................. 171
`PEAPVl/EAP—GTC ........................ 171
`BAP—FAST ............................... 171
`IAEAP ................................... 172
`EAP—MD—5 .............................. 172
`Inner Authentication Types ................... 173
`Public Key Infrastructure .......................... 175
`Public Key Cryptography Concepts ............... 176
`Architectural Model and PKI Entities .............. 178
`Basic Certificate Fields ......................... 180
`Certificate Revocation List ..................... 181
`Certification Path ............................ 181
`Minor Authentication Methods ..................... 182
`MAC Tools ................................. 182
`MAC Authentication ....................... 183
`ARP Spoofing ............................ 183
`Port Security ............................. 183
`Summary ..................................... 183
`
`Chapter 7 Active Security Monitoring .............. 185
`Introduction ................................... 186
`Network Intrusion Detection Systems ................ 187
`NII)S Defined .............................. 187
`Components ................................ 188
`Types ..................................... 189
`Placement .................................. 191
`Important NIDS Features ...................... 194
`Maintenance .............................. 194
`Alerting ................................. 194
`Logging ................................. 194
`Extensibility .............................. 194
`Response ................................ 194
`Limitations ................................. 195
`I-Ioneypots and I-Ioneynets ...................... 195
`Host—Based Intrusion Detection Systems .............. 196
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`Page 7 of 14
`
`Facebook's Exhibit No. 1032
`
`Page 7
`
`Page 7 of 14
`
`Facebook's Exhibit No. 1032
`Page 7
`
`
`
`Contents
`
`Logging ...................................... 197
`Syslog ..................................... 197
`SNMP .................................... 199
`
`What Is a Penetration/Vulnerability Test? .............. 200
`Methodology ............................... 201
`Discovery ................................ 201
`Scanning ................................ 202
`Vulnerability Assessment ..................... 203
`Exploitation .............................. 203
`Reporting ............................... 203
`Summary ..................................... 205
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`Chapter 8 Logically Segregate Network Traffic ....... 207
`Introduction ................................... 208
`VLANs ....................................... 209
`
`VLAN Security ........................... 212
`VLANs and Softphones ...................... 212
`QoS and Trafiic Shaping .......................... 214
`NAT and IP Addressing .......................... 215
`How Does NAT Work? ........................ 216
`
`.218
`.
`.
`NAT Has Three Common Modes of Operation .
`NAT and Encryption ....................... 221
`NAT as a Topology Shield .................... 225
`Firewalls ...................................... 225
`
`A Bit of Firewall History ....................... 226
`Shallow Packet Inspection .................... 226
`Stateful Inspection ......................... 227
`Medium-Depth Packet Inspection .............. 227
`Deep Packet Inspection ...................... 228
`VoIP—Aware Firewalls ......................... 229
`11.323 Firewall Issues ....................... 230
`SIP Firewall Issues .......................... 231
`
`Bypassing Firewalls and NAT ................. 232
`Access Control Lists ............................. 235
`
`Summary ..................................... 237
`
`
`
`Chapter 9 IETF Encryption Solutions for VoIP ........ 239
`Introduction
`.................................. 240
`Suites from the IETF ............................ 240
`
`S/MIME: Message Authentication ................... 241
`
`
`
`Page 8 of 14
`
`Facebook's Exhibit No. 1032
`
`Page 8
`
`Page 8 of 14
`
`Facebook's Exhibit No. 1032
`Page 8
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`Contents
`
`xvii
`
`
`
`
`
`
`
`
`
`S/MIME Messages ........................... 244
`Sender Agent ............................... 244
`Receiver Agent .............................. 244
`E~mail Address .............................. 244
`TLS: Key Exchange and Signaling Packet Security ....... 244
`Certificate and Key Exchange ...................245
`SRTP: Voice/Video Packet Security ................. 247
`Multimedia Internet Keying ..................... 248
`Session Description Protocol Security Descriptions .
`i
`. .248
`Providing Confidentiality ....................... 248
`Message Authentications ....................... 249
`Replay Protection ............................250
`S ummary .....................................251
`
`Chapter 10 Skype Security ........................ 253
`Security ...................................... 254
`Blocking Skype .............................. 257
`Firewalls ................................. 257
`Downloads ............................... 257
`
`Software Inventory and Administration .......... 258
`Firewalls ................................... 258
`Proxy Servers ............................... 260
`Embedded Skype ............................ 260
`A Word about Security ........................ 260
`
`Chapter 11 Skype Firewall and Network Setup ....... 263
`A Word about Network Address Translation and Firewalls A .264
`Home Users ................................ 266
`Small to Medium—Sized Businesses ................ 266
`
`Large Corporations ...........................267
`WhatYou Need to Know
`
`About ConfiguringYour Network Devices ............ 269
`Home Users or Businesses
`
`Using a DSL/ Cable Router and No Firewall ........ 269
`Small to Large Company Firewall Users ............ 269
`TCP and UDP Primer ........................ 269
`NAT vs. a Firewall ......................... 270
`Ports Required for Skype ......................... 271
`Home Users or Businesses
`
`Using a DSL/Cablc Router and No Firewall ........271
`
`Page 9 of 14
`
`Facebook's Exhibit No. 1032
`
`Page 9
`
`Page 9 of 14
`
`Facebook's Exhibit No. 1032
`Page 9
`
`
`
`
`
`xviii
`
`Contents
`
`
`
`
`
`
`
`
`
`Small to Large Company Firewall Users ............ 271
`Skype’s Sharedxml file ........................ 273
`
`Microsoft Windows Active Directory .............. 273
`Using Proxy Servers and Skype ..................... 276
`Wireless Communications ......................277
`Display Technical Call Information ............. 278
`Small to Large Companies ................... 282
`How to Block Skype in the Enterprise ............... 282
`Endnote ...................................... 283
`
`285
`Appendix A Validate Existing Security Infrastructure
`Introduction ................................... 286
`Security Policies and Processes ..................... 287
`Physical Security ................................ 297
`Perimeter Protection .......................... 300
`Closed—Circuit Video Cameras ................ 300
`Token System ............................. 300
`Wire Closets ................................ 301
`Server Hardening ............................... 301
`Eliminate Unnecessary Services .................. 302
`Logging ................................... 303
`Permission Tightening ......................... 304
`Additional Linux Security Tweaks ................ 306
`Activation of Internal Security Controls ............ 308
`Security Patching and Service Packs .
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`. .312
`Supporting Services ............................. 313
`DNS and DHCP Servers .................... 313
`LDAP and RADIUS Servers .................. 315
`NTP ................................... 315
`SNMP
`................................. 316
`SSH and Telnet ............................ 317
`Unified Network Management ..................... 317
`Sample VoIP Security Policy .................... 318
`Purpose ................................. 319
`Policy .................................. 319
`Physical Security .......................... 319
`VLANS ................................. 319
`Softphones ............................... 319
`
`
`
`Page 10 of 14
`
`Facebook's Exhibit No. 1032
`
`Page 10
`
`Page 10 of 14
`
`Facebook's Exhibit No. 1032
`Page 10
`
`
`
`
`
`Contents
`
`xix
`
`Encryption......i..l.....................3l9
`Layer 2 Access Controls ...................... 320
`Summary ..................................... 32 1
`
`Appendix B The IP Multimedia Subsystem:
`True Converged Communications .................. 323
`Introduction ................................... 324
`
`IMSSecurityArchitecture 325
`IMS Security Issues .............................. 328
`SIP Security Vulnerabilities ..................... 329
`Registration Hijacking ...................... 329
`IP Spoofing/Call Fraud ...................... 329
`Weakness of Digest Authentication ............. 329
`INVITE Flooding ......................... 329
`BYEDenialofSerVicc 330
`
`R'I‘P Flooding ............................ 330
`Spam over Internet Telephony (SPIT) ........... 330
`EarlyIMSSecurityIssucs....,.......l..........330
`Full IMS Security Issues ....................... 331
`Summary ..................................... 332
`Related Resources .............................. 332
`
`Appendix C Regulatory Compliance ................ 333
`Introduction ................................... 334
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`SOX:Sarbanes—OxleyAct 336
`SOX Regulatory Basics ........................ 336
`Direct from the Regulations .................. 336
`What a SOX Consultant Will TeIIYou ........... 338
`
`SOX Compliance and Enforcement ............... 341
`Certification.........l..........,.,.......34I
`Enforcement Process and Penalties .............. 342
`GLBA: Granim—LeacheBliIey Act .................... 342
`GLBA Regulatory Basics ....................... 343
`Direct from the Regulations .................. 343
`What a Financial Regulator or
`GLBA Consultant Will Tell You ................ 347
`GIBA Compliance and Enforcement .............. 349
`No Certification ........................... 350
`Enforcement Process and Penalties .............. 350
`
`:
`I
`I
`I
`I
`I
`i
`
`I
`1‘
`I
`
`
`
`Page 11 of 14
`
`Facebook's Exhibit No. 1032
`
`Page 11
`
`Page 11 of 14
`
`Facebook's Exhibit No. 1032
`Page 11
`
`
`
`g
`,
`‘
`i
`
`E
`
`xx
`
`Contents
`
`HIPAA: Health Insurance
`
`.351
`,
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`Portability and Accountability Act
`HIPAA Regulatory Basics ...................... 351
`Direct from the Regulations .................. 351
`What a HIPAA Consultant Will TellYou ......... 358
`HIPAA Compliance and Enforcement ............. 359
`No Certification ........................... 359
`Enforcement Process and Penalties .............. 359
`CALEA: Communications Assistance
`
`for Law Enforcement Act ......................... 360
`CALEA Regulatory Basics ...................... 363
`Direct from the Regulations .................. 364
`What a CALEA Consultant Will TellYou .
`.
`.
`.
`.
`.
`.
`. ‘375
`CALEA Compliance and Enforcement ............. 376
`Certification .............................. 376
`Enforcement Process and Penalties .
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`. .377
`E911: Enhanced 911 and Related Regulations .......... 377
`E911 Regulatory Basics ........................ 378
`Direct from the Regulations .................. 378
`What an E911 Consultant Will Tell You ..........382
`E911 Compliance and Enforcement ...............383
`Self—Certification .......................... 383
`Enforcement Process and Penalties .............. 383
`EU and EU Member States’
`
`eCommunications Regulations ..................... 384
`EU Regulatory Basics ......................... 385
`Direct from the Regulations .................. 385
`What an EU Data Privacy Consultant Will TellYou .389
`EU Compliance and Enforcement ................ 390
`No Certification ........................... 390
`Enforcement Process and Penalties .............. 390
`Summary ..................................... 390
`
`W
`1
`E
`E:
`
`
`
`
`
`Page 12 of 14
`
`Facebook's Exhibit No. 1032
`
`Page 12
`
`Page 12 of 14
`
`Facebook's Exhibit No. 1032
`Page 12
`
`
`
`
`
`Outll‘Mini
`with;
`jabb
`XM l
`
`l?
`
`inf.“
`dard
`W0 l‘
`
`
`
`
`36
`
`Chapter 2 - The Hardware Infrastructure
`
`
`
`
`
`
`IM Clients
`
`Instant messaging is perhaps the dominant means of‘rcal—time communication on the
`Internet today IM’s roots can be traced back to the Internet Relay Chat (IRC) networks,
`which introduced the chat room concept but did not track online presence and never
`reached the popularity of IM.]ust as IM is the next logical step from IRC, voice chat is the
`next leap from text—based chat. Most of today’s most popular IM clients have included voice
`functionality, including AOL’s Instant Messenger,Yahool Messenger, and MSN Messenger.
`Skype took the opposite approach and created a chat client that focuses on voice as the star
`and text chat as an afterthought. Even Google jumped aboard the IM bandwagon, releasing
`Google Talk. Let's take a look at these clients to see what makes them similar, and what
`makes them dierrent.
`
`AIM,AOL’s [M service, surely wasn’t the first on the scene, but it has the largest base of
`users. Initially AIM was limited to users of the AOL Internet service, but eventually it was
`opened up to the Internet as a Whole. With the addition of a proprietary voice capability in
`late 1999,AOL was a VOIP pioneer of sorts. (although voice chat was first available through
`Mirablis’s ICQ).Yahoo! Chat jumped aboard the voice bandwagon soon after, and Google’s
`more recent client has included voice from the beginning. In 2005,Yahoo announced inter—
`operability with Google and MSN (who also has a voice chat plug—in for messenger that is
`also used with its Live Communication Server product). In addition, Microsoft’s popular
`
`
`
`
`
`
`Page 13 of 14
`
`Facebook's Exhibit No. 1032
`
`Page 13
`
`Page 13 of 14
`
`Facebook's Exhibit No. 1032
`Page 13
`
`
`
`
`
`The Hardware Infrastructure 0 Chapter 2
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`()uthOk e—mail client (and entire Office suite in the case of LCS) can be linked to
`Microsoft Messenger. Also worth mentioning is the Lotus Domino IM client that competes
`with Microsoft LCS in the enterprise instant messaging (and presence) space, as well as
`Jabber, which can be used to tie together both public and private IM services using the
`XMPP protocol.
`Google Talk is the newest comer to the IM gameThough Google Talk is still in its
`infancy, it stands to succeed due largely to a philosophical stand point, embracing open stan—
`dards over proprietary voice chat. Google Talk aims to connect many different voice net—
`works over a series of peering arrangements, allowing users to minimize their need to run
`several IM clients. Like Skype, Google seeks to bridge traditional phone calls with Internet
`telephony, promising to federate with SIP networks that provide access to an ordinary tele-
`phone dial tone. Google recently released a library called libjingle to programmers, allowing
`them to hack new functionality into Google Talk. It will be interesting to see where Google
`takes Google Talk in the future.
`
`Video Clients
`
`Most of us can probably think back and recall seeing episodes of Thejen‘ons when we were
`younger. Or pictures of the AT&T Picturel’hone from the 1964 World’s Fair. Movies have
`all but promised these devices to be a staple of every day life in the future. And for decades,
`the video conference has been pushed by enterprises seeking to save money on travel
`(though investments in video conferencing equipment tend to sit around gathering dust).
`Live video on the Internet has its adherents, and today we see yet another wave of marketing
`aimed at the business use of video. So, will video finally take off around VoIP just like audio,
`or is there something different going on here?
`The video phone has been tomorrow’s next big technology for 50 years but the issue
`has been more sociological than technological. Certainly, popular instant messaging clients
`have included video chat capabilities for some time now, although each client typically sup—
`ports only video between other users of the same client or messaging network.And
`although it always gives me a kick to see someone else announcing that they’ve solved the
`gap with technology, the point is well taken that video is here to stay in VoIP systems—even
`iiit doesn’t get as much use as VoIP.
`The latest on the video bandwagon is the Skype 2.0 release. At only 15 frames per
`second and 40 to 75 khps upload and dOWnload, Skype Video works well on a standard
`home DSL line or better. Other popular IM clients with video include Microsoft’s
`Messenger andYahoo Instant Messenger. AIM now offers video as well.
`H.323—based IP videoconferencing systems have been available in hardware and software
`from many sources for almost a decade at this point, so there’s no shortage of vendors in this
`space.And SIP video phones are available from many of these same vendors and from startup
`companies in the SIP space.
`
`
`
`
`
`
`
`
`
`
`Page 14 of 14
`
`Facebook's Exhibit No. 1032
`
`Page 14
`
`Page 14 of 14
`
`Facebook's Exhibit No. 1032
`Page 14
`
`
Accessing this document will incur an additional charge of $.
After purchase, you can access this document again without charge.
Accept $ Charge
Still Working On It
This document is taking longer than usual to download. This can happen if we need to contact the court directly to obtain the document and their servers are running slowly.
Give it another minute or two to complete, and then try the refresh button.
A few More Minutes ... Still Working
It can take up to 5 minutes for us to download a document if the court servers are running slowly.
Thank you for your continued patience.
This document could not be displayed.
We could not find this document within its docket. Please go back to the docket page and check the link. If that does not work, go back to the docket and refresh it to pull the newest information.
Your account does not support viewing this document.
You need a Paid Account to view this document. Click here to change your account type.
Your account does not support viewing this document.
Set your membership
status to view this document.
With a Docket Alarm membership, you'll
get a whole lot more, including:
- Up-to-date information for this case.
- Email alerts whenever there is an update.
- Full text search for other cases.
- Get email alerts whenever a new case matches your search.
One Moment Please
The filing “” is large (MB) and is being downloaded.
Please refresh this page in a few minutes to see if the filing has been downloaded. The filing will also be emailed to you when the download completes.
Your document is on its way!
If you do not receive the document in five minutes, contact support at support@docketalarm.com.
Sealed Document
We are unable to display this document, it may be under a court ordered seal.
If you have proper credentials to access the file, you may proceed directly to the court's system using your government issued username and password.
Access Government Site
