Camfrog is one of the most popular video chat system because of its performance and scalability. It is not as simple as you think. Camfrog is in press so often in Thailand. See below for some examples.

• Manager Online 1 2
• Daily News 1
• ThaiRath 1 2 3

Many network security teams are working hard to analysis Camfrog protocol. At a glance, Camfrog seems to rely on IRC technology plus RTP. Anyway, don't trust me too fast. We should do the analysis to get the exact result. Now we have one. SRAN has just posted a preliminary result of the analysis. In this state, they are able to:

• Identify login session using destination 63.236.61.128/27 tcp port 2778
• Extract content from that session by pattern 04 08 00 00 00

Yes, it is very simple because everything are in plain text. No encryption here. If you are watching in such a Camfrog room, beware! Take care yourself.

Tags: network security, camfrog protocol