On Fri, 05 Aug 2005 17:32:21 GMT, David Taylor <djtaylor@bigfoot.com>
wrote:

>> The industry has a variety of commercial vendors who sell VoIP test,
>> quality monitoring, and call analysis tools. For example:
>
>Jeff, you're dangling that word "sell" again! ;)

Well, yes. I'm in the business of separating my customers from their
money. As a greedy businessman, I consider it appropriate for
customer to help subsidize my decadent and lavish lifestyle. So far,
one person sent me $15 via paypal for my sage advice. It's a start.

I just wanted to point out that sniffers and monitors are commonly
available, even if you do have to pay for them.

>I don't think too many of dubious intent will be rushing to buy when
>there's something for free which I took as the initial concern.

Well, Ethereal is free as are the various plug-in decoders.

Here's a free JAVA based VoIP sniffer I found on Sourceforge:
http://jvoip-sip.sourceforge.net/index.php
One problem is that it's mostly in Italian.

>> Ethereal will also capture and decode most VoIP protocols and RTP
>> streams. It's a bit tricky but not impossible. Here's some clues:
>> http://www.voice2sniff.org
>> http://www.ethereal.com/lists/ethere.../msg00092.html

>Yep, quite.
>However either way, my point was that VoIP capture is NOW not something
>that may happen in the future.

Agreed. Wireless VoIP sniffing is easy enough and can be done. Also,
there's a problem with some clients. The voice payload might be
encrypted but the SIP setup data is by necessity unencrypted.
Therefore, I can extract what phone numbers or IP's are being called,
and who's originating the call, which is quite useful information.



--
Jeff Liebermann jeffl@comix.santa-cruz.ca.us
150 Felker St #D http://www.LearnByDestroying.com
Santa Cruz CA 95060 http://802.11junk.com
AE6KS 831-336-2558