[Asterisk-Users] Network Sniffing Calls for recording

Steve steve at szmidt.org
Mon Jun 7 17:54:07 MST 2004


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On Monday 07 June 2004 06:29 pm, Chris Albertson wrote:
> Many people use "ethereal" to capture network packets.  I've used
> it to debug SIP sessions.
>
> www.ethereal.com/
>
> In theory one could re-contruct a phone converstion from logged
> packets but it might take some effort and you'd need to be
> pretty smart to find the packets from "a call from Joe early
> last week in the morning some time."

Not really hard. If you have his IP. Of course the first problem is that 
unless you are recording all the time you cannot go back to some point in the 
past.

However, if you did record traffic you can filter it on f.ex port 4359. You 
could see how much traffic you have at any point in time. The latest version 
even let's you graph it live.

You could also run tcpdump to a file and review it later, but ethereal is much 
more powerful, and with the filtering abilities you can be as specific as you 
want.

As far as following a conversation it can also follow a network session.

- -- 
Steve

"They that would give up essential liberty for temporary safety deserve
neither liberty nor safety."
                                Benjamin Franklin

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (GNU/Linux)

iD8DBQFAxQ4yljK16xgETzkRAjSTAKC1LAhVUxyv3KX4CSBGoYFhiUVgaQCgvyKa
2gHfG55Jx/IVTc6B3K9bNfE=
=v/EL
-----END PGP SIGNATURE-----



More information about the asterisk-users mailing list