Difference between revisions of "SIP Capture with TCPDump"

From Kolmisoft Wiki
Jump to navigationJump to search
m
 
(One intermediate revision by the same user not shown)
Line 3: Line 3:
Tcpdump, a powerful command-line packet analyzer already installed and working on your system by default.
Tcpdump, a powerful command-line packet analyzer already installed and working on your system by default.
<br><br>
<br><br>
=How to use it?=  
==How to use it?==
<br>
<br>
Login to your server aver [http://wiki.kolmisoft.com/index.php/What_is_SSH%3F ssh] and put this command into terminal:
Login to your server over [http://wiki.kolmisoft.com/index.php/What_is_SSH%3F ssh] and put this command into terminal:


  tcpdump -i eth0 -n -s 0 port 5060 -vvv -w /home/capture_file_name
  tcpdump -i eth0 -n -s 0 port 5060 -vvv -w /home/capture_file_name
Line 13: Line 13:
You can send captured file capture.pcap from your server to your PC and open with Wireshark GUI and analyse the packets.
You can send captured file capture.pcap from your server to your PC and open with Wireshark GUI and analyse the packets.
<br><br>
<br><br>
=Full command explaining=  
==Full command explaining==
<br>
<br>
You can find full command explaining here:
You can find full command explanation here:


http://www.jonathanmanning.com/2009/10/26/how-to-voip-sip-capture-with-tcpdump-on-linux/
http://nil.uniza.sk/network-security/analyzers/using-tcpdump-sip-diagnostic


 
===See also===
See also:
* [[How to capture packets using wireshark]]
* [[How to capture packets using wireshark]]

Latest revision as of 05:28, 3 May 2012



About

Tcpdump, a powerful command-line packet analyzer already installed and working on your system by default.

How to use it?


Login to your server over ssh and put this command into terminal:

tcpdump -i eth0 -n -s 0 port 5060 -vvv -w /home/capture_file_name

Packets will be saved to directory /home/capture_file_name

You can send captured file capture.pcap from your server to your PC and open with Wireshark GUI and analyse the packets.

Full command explaining


You can find full command explanation here:

http://nil.uniza.sk/network-security/analyzers/using-tcpdump-sip-diagnostic

See also