logo

Openplatform.xyz

Placeholder for our stuff related to Telecom, IT, Internet of things (IOT), ESP8266, Raspberry Pi

Find SRTP in packet capture

So you have just captured a SIP call with SRTP media and wondering why your wireshark is showing you RTP packets , these should be encrypted and hidden. Note that header for RTP \ SRTP is same. The only difference is that the payload in encrypted in SRTP. So you will very well see the RTP packets in a SRTP call, but you can't play the media as payload is encrypted in SRTP.

If wireshark is not already showing you RTP packets, you can right click, decode as & choose RTP. (The UDP packets are then shown as RTP).

How do you know that the RTP payload is encrypted? Well there is no straight forward way to know. The way to find is make a call, send some DTMF digits and look at the  packets what is sent. If you see the dialed digits in capture then it's not SRTP. If you see no digits or wrong digints in capture then it's SRTP.

 



Suresh Hariramani

I am an IOT enthusiast with more than 20 years of experience in the IT sector. Specializing in telecom service's; follow me for some very innovative and best in class IOT products as I unfold my knowledge and passion for the subject.


Vatsal Hariramani

Just me, myself and I, exploring the universe of uknownment. I have a heart of love and interests in technology, IOT and travel . And I want to share my world with you .