Huge thanks to our Platinum Members Endace and LiveAction,
and our Silver Member Veeam, for supporting the Wireshark Foundation and project.

Wireshark-users: Re: [Wireshark-users] Secure RTP

From: "Keith French" <keithfrench@xxxxxxxxxxxxx>
Date: Fri, 14 Aug 2009 16:20:34 +0100
Hi Jaap,
 
Looking at the trace some more, not only is the signalling Skinny, it is not decoded as such (just TCP port 2443). I don't have any knowledge of secure VoIP, but is there a secure version of Skinny?
 
I tried a "Decode As" Skinny for 2443, but it made no difference. I am guessing that because Wireshark is only recognising the Skinny as TCP and I have the RTP option of "Try to decode RTP outside of conversations" ticked, this is one reason as to why the SRTP is currently decoded as RTP?
 
Keith French.
----- Original Message -----
Sent: Friday, August 14, 2009 2:52 PM
Subject: Re: [Wireshark-users] Secure RTP

Hi,

Wireshark already can distinguish between RTP and SRTP, when properly signalled (like in SDP). Currently it's not, SDP sets dummy SRTP info, hence the RTP dissector can't make use of it other than saying it's SRTP. Once the SDP, MIKEY or other dissector start to set real SRTP info the RTP dissector can show some real SRTP dissection. 

Thanx,
Jaap

Sent from my iPhone

On 14 aug 2009, at 15:05, "Keith French" <keithfrench@xxxxxxxxxxxxx> wrote:

Are there any plans to build a dissector for the SRTP protocol? Currently all SRTP packets are decoded as RTP. I can provide an example trace if it will be of use to a developer.
___________________________________________________________________________
Sent via:    Wireshark-users mailing list <wireshark-users@xxxxxxxxxxxxx>
Archives:    http://www.wireshark.org/lists/wireshark-users
Unsubscribe: https://wireshark.org/mailman/options/wireshark-users
            mailto:wireshark-users-request@xxxxxxxxxxxxx?subject=unsubscribe


___________________________________________________________________________
Sent via:    Wireshark-users mailing list <wireshark-users@xxxxxxxxxxxxx>
Archives:    http://www.wireshark.org/lists/wireshark-users
Unsubscribe: https://wireshark.org/mailman/options/wireshark-users
             mailto:wireshark-users-request@xxxxxxxxxxxxx?subject=unsubscribe



No virus found in this incoming message.
Checked by AVG - www.avg.com
Version: 8.5.392 / Virus Database: 270.13.56/2302 - Release Date: 08/14/09 06:10:00