Network stream identification for open FaceTime

What is claimed is: 1. A non-transitory machine-readable medium having executable instructions to cause one or more processors to perform a method of distinguishing multiplexed media and signaling data traffic, the method comprising: receiving, on a single port, a packet of the multiplexed data traffic, wherein the multiplexed data traffic includes a plurality of packets and each of the plurality of packets is one of a media packet or a signaling packet, each signaling packet being a virtual transport packet; examining an initial data element of a header of the received packet to determine if the packet is one of a media packet or a signal packet wherein the initial data element is a first bit of the header of the packet; forwarding the packet to a corresponding module for further processing based on the examining. 2. The non-transitory machine-readable medium of claim 1 , wherein the media packet is a Real Time (RTP) protocol. 3. The non-transitory machine-readable medium of claim 1 , wherein the virtual transport packet is an open FaceTime packet. 4. The non-transitory machine-readable medium of claim 3 , wherein the virtual transport packet encapsulates an unencaspulated signaling packet. 5. The non-transitory machine-readable medium of claim 4 , wherein a type of the unencapsulated signaling packet is selected from the group consisting of Session Initiation Protocol (SIP), handshake protocol, and Internet Connectivity Establishment (ICE) protocol. 6. The non-transitory machine-readable medium of claim 5 , wherein the handshake protocol is Datagram Transport Layer Security (DTLS) protocol. 7. The non-transitory machine-readable medium of claim 4 , further comprising: if the packet is an encapsulated signaling packet, determining a type of the unencapsulated signaling packet by examining a type field of the header of the packet; and removing the header of the packet. 8. The non-transitory machine-readable medium of claim 1 , wherein the header includes a session identifier that identifies a FaceTime session associated with the packet. 9. The non-transitory machine-readable medium of claim 1 , wherein the header includes a message authentication code field that stores a cryptographic hash for the packet. 10. The non-transitory machine-readable medium of claim 9 , further comprising: computing a cryptographic hash for the packet; comparing the computed cryptographic hash with stored cryptographic hash in the message authentication code field of the packet; and rejecting the packet as unauthenticated if the computed cryptographic hash is not equal to the stored cryptographic hash. 11. The non-transitory machine-readable medium of claim 9 , wherein the message authentication code field stores the first 32 bits of the cryptographic hash and the comparing compares the first 32 bits of the stored and computed cryptographic hash. 12. An apparatus that distinguishes multiplexed media and signaling data traffic, the apparatus comprising: a single port that performs operations for: receiving a packet of the multiplexed data traffic, wherein the multiplexed data traffic includes a plurality of packets, each of which is one of a media packet or a signaling packet, each signaling packet being a virtual transport packet; a processor that performs operations for: examining an initial data element of a header of the received packet to determine if the received packet is one of a media packet or a signaling packet; when the packet comprises an encapsulated signaling packet, determining a type of the unencapsulated signaling packet by examining a type field of the header of the packet and removing the header of the packet; and forwarding the packet to a corresponding module for further processing based on the examining. 13. The apparatus of claim 12 , wherein the header includes a message authentication code field that stores a cryptographic hash for the packet. 14. The apparatus of claim 13 , wherein the processor is further configured to perform operations for: computing a cryptographic hash for the packet; comparing the computed cryptographic hash with stored cryptographic hash in the message authentication code field of the packet; and rejecting the packet as unauthenticated if the computed cryptographic hash is not equal to the stored cryptographic hash. 15. A method for distinguishing multiplexed media and signaling data traffic, the method comprising: by a device having a processor: receiving a packet of the multiplexed data traffic, wherein the multiplexed data traffic includes a plurality of packets, each of which is one of a media packet or a signaling packet, each signaling packet being a virtual transport packet; examining an initial data element of a header of the received packet to determine if the received packet is one of a media packet or a signaling packet; when the packet comprises an encapsulated signaling packet, determining a type of the unencapsulated signaling packet by examining a type field of the header of the packet and removing the header of the packet; and forwarding the packet to a corresponding module for further processing based on the examining. 16. The method of claim 15 , wherein the header includes a message authentication code field that stores a cryptographic hash for the packet. 17. The method of claim 15 , further comprising: computing a cryptographic hash for the packet; comparing the computed cryptographic hash with stored cryptographic hash in the message authentication code field of the packet; and rejecting the packet as unauthenticated if the computed cryptographic hash is not equal to the stored cryptographic hash. 18. The method of claim 15 , wherein the media packet is a Real Time (RTP) protocol. 19. The method of claim 15 , wherein the unencaspulated signaling packet is encapsulated in the virtual transport packet. 20. The method of claim 15 , wherein a type of the unencapsulated signaling packet is selected from the group consisting of Session Initiation Protocol (SIP), handshake protocol, and Internet Connectivity Establishment (ICE) protocol.