Special Look: Face Time (part 1: Introduction) Facetime Introduction

Packetstan has a GREAT article on FaceTime. Read it!

Special Look: Face Time (part 1: Introduction)
Facetime Introduction

Here’s the Summary -

Based on this analysis we can determine several critical pieces of how Facetime works:

  • Unknown TCP protocol starts the conversation, likely initiated following an event that starts on the GSM network;
  • Unknown UDP traffic between two hosts with similar IP addresses;
  • Certificate validation through an Akamai server, followed by an HTTPS request to an Apple server;
  • STUN traffic for NAT traversal;
  • SIP traffic for call setup and negotiation;
  • UDP stream data for video/audio.

In the next part of this series,we’ll spend some more time look at the SIP and video/audio streaming traffic and look at some tools we can use to extract that data. Stay tuned!
-Josh

0 comments ↓

There are no comments yet...Kick things off by filling out the form below.

Leave a Comment