record voip

[ciao]

hi,

does anyone here know how to tap a voip call? i need this for a school project.
i have tried with cain but there are 2 problems: cain only sees the traffic inside the network and 2, i have to be able to play the conversation in realtime.


thanks

ps: i managed with cain to record a conversation in a lan, between 2 computers but as i said .. i need to be able to capture all voip calls that come to a specific computer, and to play them in realtime

[Eyecre8]

Googled "sniff VOIP" and found a ton of relevant articles.

Funny thing was... the FIRST result was of our AO resident, Irongeek... and his tutorial
for sniffing VOIP using CAIN. Not sure if you saw his tutorial, if not, have a look at it:
Sniffing VoIP Using Cain


Also, what platform/OS you are using to sniff from?
Here are a couple apps:

TelRex
Realtime recording & Monitoring. TelRex CallRex - is a software-based VoIP call recording solution that supports integration with 3Com NBX, Cisco Call Manager, Mitel ICP, Nortel BCM, Artisoft Televantage, Avaya IP Office, Siemens HighPath, NEC NEAX, Shortel Shorewave, and Zultsys MX250.

Vomit
voice over misconfigured[1] internet telephones

VoIPong
VoIPong is a utility which detects all Voice Over IP calls on a pipeline, and for those which are G711 encoded, dumps actual conversation to seperate wave files. It supports SIP, H323, Cisco's Skinny Client Protocol, RTP and RTCP.

And a bunch more.....

[ciao]

i know the irongeek tutorial, i looked at it .. but it doesn't help, as i've mentioned, i need to be able to play the conversations in realtime.

Telrex .. for two days I am waiting for a reply from the guys there.. I received an email that said .. "A Telrex representative will contact you shortly. Once you've spoken with
Telrex, you will be sent a separate email with the link to download CallRex
Professional".

Well.. nothing yet.. and I'm not making any big hopes

In principle I wanted to do this on Windows, but Linux is also an option.

Vomit as far as I know only works for Cisco phones.

I have to try VoIPong, hopefully it will do what I need.

If you have telrex can you please send it to me ? (bog_andy@yahoo.com)

Also.. if anyone has a little program called rtpscan .. I would be very thankful

[judgement]

Last time I checked, realtime monitoring was considered a form of wire-tapping and even recording VOIP has serious legal issues with out proper authorization. If it is a school project then the instructor should already be able to demonstrate how to do it properly on a closed system. Call me paranoid, but I have seen too many "school" projects abused. If I understand this forum correctly, I would be cautious of providing any information on this issue.

AND I am not paranoid, they ARE out to get me!

[Deeboe]

I'll tell ya, ever since I joined AO, I have come to realize that I went to the wrong school.

Man, school projects seem to be a lot cooler now then when I studied CS.

-Deeboe

[spazzmatrix]

Talk about esp. I was just at irongeeks site checking out some of his new/old vids. And what would you know, thats one I watched.

It is amazing how many "classes" these new schools have now. Makes me want to move and do school all over again.

Irongeeks tutorial is as simple as it gets.

[ciao]

the project is in a 'closed environment' and every student received a topic. i got this one

i ran out of ideas and that is why i have posted here. it's not something ilegal if i tap my own phone is it ?

also.. i couldn't find the email address of irongeek, so if anyone has it please send it to me or send this post to him so he can check it out, maybe he has some ideas about solving my problem

thanks

[Und3ertak3r]

There are a growing number of tools for the testing of VOIP links.
When testing a IP-PBX or a VOIP Link you need to check a number of areas of the traffic..
at the end of the day the CEO isnt concerned about dropped packets, the codec used..all the CEO wants to know is will the "Hot and sweaty Chat line" sound as good over the VOIP link as the standard analogue..

Now for the tool to do all that ... Hammer call analyzer

Before we purchased the really "good shite" (?).. that was among what I was useing. pity none of what I have seen aren't point and click.. I have to keep useing my brain

[w-mellon]

This is all a theoretical exercise...
One would assume part of this task is getting to/at the voip packets. Physical access to the wire - insert a hub, MAC flood the switch, etc. a man-in-the-middle attack may be useful - this depends on the voip protocol you intend to target - SIP or H.323. With SIP you can attempt to redirect the call to yourself as a redirect server or network router gateway. H.323 is different - you'll need to redirect the call at startup to yourself by being the gateway/gatekeeper.

The hard part (for me anyway) is re-programming the softphone to capture the voip control setup (SIP or H.323) and then play the RTP stream as the packets hit the interface yet not be part of the call - kinda a softphone "monitor" or bridged connection. Conference call function maybe?

Good Luck with your project.

[ciao]

actually i have to catch sip packets and i have to do a man in the middle attack to get tha packets. the mitm attack was successful with use of cain. like i said.. cain can't set a dynamic filter so it only gets the rtp packets from inside the lan. if i was to call from outside the network.. (Ex. sipgate) it would be in vane ..

but that's another problem.. my problem is.. how can i decode the rtp packets in order to play them in realtime.

i thought that i should decode the packets before i forward them to the 'victim'
how do i decode them and manage to listen to them... no idea