[Asterisk-Users] sniffing sip password/uri/host info

Philip Edelbrock phil at netroedge.com
Tue Feb 21 16:13:29 MST 2006



Rich Adamson wrote:
>  
> 
>>>I want to sniff all these info to test a sip ip phone talking to a asterisk
>>>server.  I have used tcpdump, but It just shows the 
>>>
>>
>>Ethereal would probably be a batter analyzer. Not sure how well it
>>seppurts sip, though. Unlike tcpdump it won't work on-the-fly. But you
>>can also get tcpdump to dump raw data and analyze it off-line with
>>ethereal.
> 
> 
> Ethereal does a pretty good job at decoding both sip and iax packets.
> I use it a lot (on a separate laptop).
> 

Try Cane and Abel.  It automaticly grabs sip registration info and 
categories it for you.  Records the calls to sound files, too.

http://www.oxid.it/cain.html

Very easy to use.  Can even try to crack the password hashes if you 
want. (If you can wait a few years ;')

You can also turn on sip debugging from the CLI which will dump out the 
headers for you.


Phil



More information about the asterisk-users mailing list