Ethereal-dev: [Ethereal-dev] SS7 ISUP again
Note: This archive is from the project's previous web site, ethereal.com. This list is no longer active.
From: "Dimitar Stoichev" <dstoichev@xxxxxxxx>
Date: Wed, 15 Sep 2004 13:24:12 +0300
Hello everybody, A while ago we had a discussion about a SS7 capture from a real telephony (Intel/Septel) card. I remember that the real problem was for ethereal to sniff the card, but a suggestion was made for ethereal to read a capture made with the software that came with the card. I am glad to announce that after some struggling with tech support guys we finaly have a way to sniff the traffic and capture it to a file. The file is somewhat parsed but I believe it can be useful. Can somebody give me some feedback if this is enough. I am ready to help in any way. I am attaching the capture file. Best Dimitar P.S - see old correspondence below Guy Harris said: > >Dimitar, > >ethereal already supports MTP2/MTP3/ISUP so there >is almost everything in the ethereal. Possibly we would >need an MTP1 dissector. Except for zero bit deletion this >should be simple. But if the card does this in hardware > and delivers SUs it would be simple to write an MTP1 > dissector. I could do that. This is all about dissecting which >is done in ethereal. >>The other stuff which needs to be done is the sniffing >>support. There you need to extend the libpcap to work >>with the SS7 card. I have no idea how difficult this might >>be, but it would definitely be great. Possibly someone >>else on the list can provide more help on this topic? >Do you get some software with the SS7 card which allows >you to capture traffic and write it to a disk file. We >could add support for reading such files to ethereal. >Best regards >Michael On Jul 14, 2004, at 8:49 AM, Dimitar Stoichev wrote: > Hello everybody, > I was wondering is there any development in the direction of sniffing > SS7 > traffic from a real (septel) SS7 card, that does not utilize sigtran. > Please > share any information on ways to do that. Is this on the roadmap at > all? > > Best Regards > Dimitar > > _______________________________________________ > Ethereal-dev mailing list > Ethereal-dev@xxxxxxxxxxxx > http://www.ethereal.com/mailman/listinfo/ethereal-dev > Michael Tuexen said: >> I did not know that this is the file format used by capture software >> which comes with the cards Dimitar is talking about. >If those In^H^HSeptel cards have software that >captures traffic and writes it to a file, if Dimitar's >willing to live with Ethereal not *itself* being able >to capture traffic from the >cards, it might be possible >to add support for those capture files to Ethereal's >Wiretap library. We'd need either > > 1) a specification for the capture file format, plus > at least one capture with which to test the support > >or > > 2) at least one capture file *plus* something >indicating what the contents of the file are (for example, >if the cards come with software to read those captures >and show the packets, complete with any time stamp >or other information in the file in addition to the raw packet > data), for reverse-engineering purposes > >in order to add that support. > >To make Ethereal, or other libpcap-based programs, >capable of capturing packets themselves, support >for that would have to be added to libpcap, and the >captures written using the appropriate SS7 network type value. _______________________________________________ Ethereal-dev mailing list Ethereal-dev@xxxxxxxxxxxx http://www.ethereal.com/mailman/listinfo/ethereal-dev
------------------------------------------------------------------------------------------------------------ source module id = 0x23 destination module id = 0x22 id = 0 type = 0xc000 status = 0 timestamp = 120333 05 42 d0 94 e4 5e 00 0c 02 00 02 80 90 ------------------------------------------------------------------------------------------------------------ ------------------------------------------------------------------------------------------------------------ source module id = 0x23 destination module id = 0x71 id = 1 type = 0xc000 status = 0 timestamp = 120333 05 42 d0 94 e4 5e 00 0c 02 00 02 80 90 ------------------------------------------------------------------------------------------------------------ ------------------------------------------------------------------------------------------------------------ source module id = 0x71 destination module id = 0x22 id = 1 type = 0x8001 status = 0 timestamp = 120334 05 53 92 10 e4 5e 00 10 00 ------------------------------------------------------------------------------------------------------------ ------------------------------------------------------------------------------------------------------------ source module id = 0x22 destination module id = 0x23 id = 5 type = 0x8001 status = 0 timestamp = 120334 05 53 92 10 e4 5e 00 10 00 ------------------------------------------------------------------------------------------------------------ ------------------------------------------------------------------------------------------------------------ source module id = 0x23 destination module id = 0x1d id = 32990 type = 0x8701 status = 0 timestamp = 120334 10 00 ------------------------------------------------------------------------------------------------------------ ------------------------------------------------------------------------------------------------------------ source module id = 0x71 destination module id = 0x22 id = 0 type = 0x8001 status = 0 timestamp = 120335 05 53 92 10 54 75 00 09 00 ------------------------------------------------------------------------------------------------------------ ------------------------------------------------------------------------------------------------------------ source module id = 0x22 destination module id = 0x23 id = 5 type = 0x8001 status = 0 timestamp = 120335 05 53 92 10 54 75 00 09 00 ------------------------------------------------------------------------------------------------------------ ------------------------------------------------------------------------------------------------------------ source module id = 0x23 destination module id = 0x1d id = 33013 type = 0x8701 status = 0 timestamp = 120335 09 00 ------------------------------------------------------------------------------------------------------------ ------------------------------------------------------------------------------------------------------------ source module id = 0x1d destination module id = 0x23 id = 209 type = 0xc700 status = 0 timestamp = 120340 0c 12 02 80 94 00 ------------------------------------------------------------------------------------------------------------ ------------------------------------------------------------------------------------------------------------ source module id = 0x23 destination module id = 0x22 id = 0 type = 0xc000 status = 0 timestamp = 120340 05 42 d0 94 14 51 00 0c 02 00 02 80 94 ------------------------------------------------------------------------------------------------------------ ------------------------------------------------------------------------------------------------------------ source module id = 0x23 destination module id = 0x71 id = 1 type = 0xc000 status = 0 timestamp = 120340 05 42 d0 94 14 51 00 0c 02 00 02 80 94 ------------------------------------------------------------------------------------------------------------ ------------------------------------------------------------------------------------------------------------ source module id = 0x71 destination module id = 0x22 id = 0 type = 0x8001 status = 0 timestamp = 120341 05 53 92 10 14 51 00 10 00 ------------------------------------------------------------------------------------------------------------ ------------------------------------------------------------------------------------------------------------ source module id = 0x22 destination module id = 0x23 id = 5 type = 0x8001 status = 0 timestamp = 120341 05 53 92 10 14 51 00 10 00 ------------------------------------------------------------------------------------------------------------ ------------------------------------------------------------------------------------------------------------ source module id = 0x23 destination module id = 0x1d id = 32977 type = 0x8701 status = 0 timestamp = 120341 10 00 ------------------------------------------------------------------------------------------------------------ ------------------------------------------------------------------------------------------------------------ source module id = 0x71 destination module id = 0x22 id = 1 type = 0x8001 status = 0 timestamp = 120341 05 53 52 10 f4 0f 00 0c 02 00 02 80 90 ------------------------------------------------------------------------------------------------------------ ------------------------------------------------------------------------------------------------------------ source module id = 0x22 destination module id = 0x23 id = 5 type = 0x8001 status = 0 timestamp = 120341 05 53 52 10 f4 0f 00 0c 02 00 02 80 90 ------------------------------------------------------------------------------------------------------------ ------------------------------------------------------------------------------------------------------------ source module id = 0x23 destination module id = 0x1d id = 15 type = 0x8701 status = 0 timestamp = 120341 0c 12 02 80 90 00 ------------------------------------------------------------------------------------------------------------ ------------------------------------------------------------------------------------------------------------ source module id = 0x1d destination module id = 0x23 id = 15 type = 0xc700 status = 0 timestamp = 120342 10 00 ------------------------------------------------------------------------------------------------------------ ------------------------------------------------------------------------------------------------------------ source module id = 0x23 destination module id = 0x22 id = 0 type = 0xc000 status = 0 timestamp = 120342 05 41 d0 94 f4 0f 00 10 00 ------------------------------------------------------------------------------------------------------------ ------------------------------------------------------------------------------------------------------------ source module id = 0x23 destination module id = 0x71 id = 0 type = 0xc000 status = 0 timestamp = 120342 05 41 d0 94 f4 0f 00 10 00 ------------------------------------------------------------------------------------------------------------ ------------------------------------------------------------------------------------------------------------ source module id = 0x23 destination module id = 0x1d id = 15 type = 0x8701 status = 0 timestamp = 120342 10 00 ------------------------------------------------------------------------------------------------------------ ------------------------------------------------------------------------------------------------------------ source module id = 0x71 destination module id = 0x22 id = 0 type = 0x8001 status = 0 timestamp = 120346 05 53 92 10 94 59 00 0c 02 00 02 80 90 ------------------------------------------------------------------------------------------------------------ ------------------------------------------------------------------------------------------------------------ source module id = 0x22 destination module id = 0x23 id = 5 type = 0x8001 status = 0 timestamp = 120346 05 53 92 10 94 59 00 0c 02 00 02 80 90 ------------------------------------------------------------------------------------------------------------ ------------------------------------------------------------------------------------------------------------ source module id = 0x23 destination module id = 0x1d id = 32985 type = 0x8701 status = 0 timestamp = 120346 0c 12 02 80 90 00 ------------------------------------------------------------------------------------------------------------ ------------------------------------------------------------------------------------------------------------ source module id = 0x71 destination module id = 0x22 id = 1 type = 0x8001 status = 0 timestamp = 120347 05 53 92 10 f4 7f 00 09 00 ------------------------------------------------------------------------------------------------------------ ------------------------------------------------------------------------------------------------------------ source module id = 0x22 destination module id = 0x23 id = 5 type = 0x8001 status = 0 timestamp = 120347 05 53 92 10 f4 7f 00 09 00 ------------------------------------------------------------------------------------------------------------ ------------------------------------------------------------------------------------------------------------ source module id = 0x23 destination module id = 0x1d id = 33023 type = 0x8701 status = 0 timestamp = 120347 09 00 ------------------------------------------------------------------------------------------------------------ ------------------------------------------------------------------------------------------------------------ source module id = 0x1d destination module id = 0x23 id = 237 type = 0xc700 status = 0 timestamp = 120347 0c 12 02 80 90 00 ------------------------------------------------------------------------------------------------------------ ------------------------------------------------------------------------------------------------------------ source module id = 0x23 destination module id = 0x22 id = 0 type = 0xc000 status = 0 timestamp = 120347 05 42 d0 94 d4 6d 00 0c 02 00 02 80 90 ------------------------------------------------------------------------------------------------------------ ------------------------------------------------------------------------------------------------------------ source module id = 0x23 destination module id = 0x71 id = 1 type = 0xc000 status = 0 timestamp = 120347 05 42 d0 94 d4 6d 00 0c 02 00 02 80 90 ------------------------------------------------------------------------------------------------------------ ------------------------------------------------------------------------------------------------------------ source module id = 0x1d destination module id = 0x23 id = 217 type = 0xc700 status = 0 timestamp = 120347 10 00 ------------------------------------------------------------------------------------------------------------ ------------------------------------------------------------------------------------------------------------ source module id = 0x23 destination module id = 0x22 id = 0 type = 0xc000 status = 0 timestamp = 120347 05 42 d0 94 94 59 00 10 00 ------------------------------------------------------------------------------------------------------------ ------------------------------------------------------------------------------------------------------------ source module id = 0x23 destination module id = 0x71 id = 1 type = 0xc000 status = 0 timestamp = 120347 05 42 d0 94 94 59 00 10 00 ------------------------------------------------------------------------------------------------------------ ------------------------------------------------------------------------------------------------------------ source module id = 0x23 destination module id = 0x1d id = 32985 type = 0x8701 status = 0 timestamp = 120347 10 00 ------------------------------------------------------------------------------------------------------------ ------------------------------------------------------------------------------------------------------------ source module id = 0x71 destination module id = 0x22 id = 1 type = 0x8001 status = 0 timestamp = 120348 05 53 52 10 24 02 00 01 00 21 00 0a 00 02 0b 09 84 90 93 43 57 47 49 69 0f 0a 07 03 15 94 21 43 65 87 1d 03 80 90 a3 03 04 1e 02 81 83 00 ------------------------------------------------------------------------------------------------------------ ------------------------------------------------------------------------------------------------------------ source module id = 0x22 destination module id = 0x23 id = 5 type = 0x8001 status = 0 timestamp = 120348 05 53 52 10 24 02 00 01 00 21 00 0a 00 02 0b 09 84 90 93 43 57 47 49 69 0f 0a 07 03 15 94 21 43 65 87 1d 03 80 90 a3 03 04 1e 02 81 83 00 ------------------------------------------------------------------------------------------------------------ ------------------------------------------------------------------------------------------------------------ source module id = 0x23 destination module id = 0x1d id = 2 type = 0x8701 status = 0 timestamp = 120348 01 06 01 00 07 02 21 00 09 01 0a 02 01 00 04 09 84 90 93 43 57 47 49 69 0f 0a 07 03 15 94 21 43 65 87 03 04 1e 02 81 83 1d 03 80 90 a3 00 ------------------------------------------------------------------------------------------------------------ ------------------------------------------------------------------------------------------------------------ source module id = 0x71 destination module id = 0x22 id = 0 type = 0x8001 status = 0 timestamp = 120348 05 53 92 10 d4 6d 00 10 00 ------------------------------------------------------------------------------------------------------------ ------------------------------------------------------------------------------------------------------------ source module id = 0x22 destination module id = 0x23 id = 5 type = 0x8001 status = 0 timestamp = 120348 05 53 92 10 d4 6d 00 10 00 ------------------------------------------------------------------------------------------------------------ ------------------------------------------------------------------------------------------------------------ source module id = 0x23 destination module id = 0x1d id = 33005 type = 0x8701 status = 0 timestamp = 120348 10 00 ------------------------------------------------------------------------------------------------------------
- Prev by Date: Re: [Ethereal-dev] urgent help
- Next by Date: [Ethereal-dev] RTCP: Calculating roundtrip-propagation delay
- Previous by thread: Re: [Ethereal-dev] urgent help
- Next by thread: [Ethereal-dev] RTCP: Calculating roundtrip-propagation delay
- Index(es):
- Get Wireshark
- Download
- Code of Conduct