|
|
XymphonyProgramming-WiresharkUsageIt is used for to capture wireshark network package and to view the contents of packages in detail. On the exchange side, it is used for to analyze H323 and sip messages which are used in VoIP protocol, to analyze voice packages (RTP) and to see the attacks to the exchange. The Wireshark is free and you can download from the following link, Some Useful Third Party Utilities To capture TCP/IP package first of all a managed switch should be used and you should mirror the port that is linked to the exchange (where conversation happens) to other port which is linked to your computer. If the switch to which the exchange is connected is not a managed switch, you can use Wireshark by using a managed switch as in the link shown in the picture below.  When you start Wireshark programme, firstly monitoring network interface (Ethernet, wifi and etc.) should be selected.  Connect the pc which wireshark is run, to managed switch with ethernet cable; select the local area network from Capture/Interfaces and press the start button.  When capturing the TCP/IP packages starts, thousands of packages will come to the screen. What is important for us is if the sip protocol is used to see the VoIP packages, write “sip” to the filter area and press the ”apply” button.  If you see the sip packages on the screen, it is understood that you catch the packages from the mirror port of managed switch which you are using.  To save the packages to the computer press the “Stop” button.  To save and analyze the file, send an e-mail to Technical Services Department.  |