This is our old Q&A Site. Please post any new questions and answers at ask.wireshark.org.

I tried to decrypt RTP data over TCP in Wireshark. Though in the debug logs I'm getting decrypted fragments like the following,

dissect_ssl enter frame #102 (already visited)
  conversation = 05666758, ssl_session = 00000000
  record: offset = 0, reported_length_remaining = 101
dissect_ssl3_record: content_type 23 Application Data
association_find: TCP port 23500 found 00000000
association_find: TCP port 443 found 04D24DD8
dissect_ssl3_record decrypted len 69
decrypted app data fragment: ....
dissect_ssl enter frame #104 (already visited)
  conversation = 05666758, ssl_session = 00000000
  record: offset = 0, reported_length_remaining = 101
dissect_ssl3_record: content_type 23 Application Data
association_find: TCP port 23500 found 00000000
association_find: TCP port 443 found 04D24DD8
dissect_ssl3_record decrypted len 69
decrypted app data fragment: ....
dissect_ssl3_record found association 04D24DD8

I can see only encrypted packets in wireshark...

Anything i'm missing? Thanks in advance

asked 17 May '13, 03:27

Kalai's gravatar image

Kalai
165510
accept rate: 0%

edited 17 May '13, 07:52

Jaap's gravatar image

Jaap ♦
11.7k16101

How do you know this is RTP over TCP, what profile is used to provide the framing for RTP on this stream based transport?

(17 May '13, 07:57) Jaap ♦

I'm only transferring encrypted RTP from the client side over SSL using DHE suite.I tried to decrypt the data in wireshark but I coudn't...

(17 May '13, 08:37) Kalai
Be the first one to answer this question!
toggle preview

Follow this question

By Email:

Once you sign in you will be able to subscribe for any updates here

By RSS:

Answers

Answers and Comments

Markdown Basics

  • *italic* or _italic_
  • **bold** or __bold__
  • link:[text](http://url.com/ "title")
  • image?![alt text](/path/img.jpg "title")
  • numbered list: 1. Foo 2. Bar
  • to add a line break simply add two spaces to where you would like the new line to be.
  • basic HTML tags are also supported

Question tags:

×319
×238
×165
×75

question asked: 17 May '13, 03:27

question was seen: 2,431 times

last updated: 17 May '13, 08:37

p​o​w​e​r​e​d by O​S​Q​A