Monday, January 23, 2012 - 19:19
It is theoretically possible that in an H.323 conference an ‘outsider’ could snoop the session, recording or relaying an apparently private conference (by inspecting data in transit) or that a snooper is able to silently join a conference (by connecting to an MCU). For an attacker, gathering data ‘on the wire’ is safer as it reduces the chance of detection and being later traced.
