[clug] Wireshark VOIP and Caller IP address
Kim Holburn
kim.holburn at gmail.com
Wed Oct 28 08:00:56 UTC 2020
There are several probems with VOIP/SIP. One is that most VOIP/SIP protocols pass the IP numbers in the data part of the packets.
Two is there are sometimes several streams most often of UDP packets. It is a really exasperating protocol suite. It is quite hard
to work this out with wireshark. Three is that if both parties are behind a NAT firewall, they can't talk directly anyway.
The only real way is to use a VOIP session border controller which is expensive. Barring that you could set up a small asterisk
server which could do it but is expensive in time and patience to set up.
How much is the Telstra device?
I have this problem with my VOIP "landline". I generally pick the phone up and listen. If its spam they generally hang up. I am
at the point of giving up the landline altogether.
On 2020/10/28 4:00 pm, Keith Goggin via linux wrote:
> Due to increased occurrence of Unsolicited VOIP calls I've been motivated to try to track the callers IP address and block them.
>
> I have a Gigaset VOIP Phone connected to a Mikrotik router connected to a 4G modem/router.
>
> Using the Mikrotik Packet Sniffer tool I can collect call data and pass it to Wireshark for examination.
>
> I was expecting calls to be set up (dialed) via my VOIP provider, but once established (answered) on going traffic would be directly
> between the caller ip and the receiver ip addresses.
>
> This doesn't seem to be the case as I collected call data from a friend and the UDP packets source address was that of my providers
> server not the callers address.
>
> In principle this should be straight forward even for dummies like, me alas not so.
>
> Can anyone offer a good reference text for beginners.
>
> Thanks
>
>
>
--
Kim Holburn
IT Network & Security Consultant
T: +61 2 61402408 M: +61 404072753
mailto:kim at holburn.net aim://kimholburn
skype://kholburn - PGP Public Key on request
More information about the linux
mailing list