Ask Your Question
0

Zoom meeting UDP Port 8801 vs RTP vs. H.323 vs SIP?

asked 2019-08-05 17:46:09 +0000

Packetman007 gravatar image

Wireshark allows one to change protocol decode settings so it decodes the protocols in the packet properly.

What correlating udp/tcp ports and protocols does Zoom use that will allow Zoom traffic to be decoded in Wireshark as the standards set?

i.e., RTP ports for Cisco are xxx, RTP ports for Zoom ports?

These are Zoom ports, but Wireshark only decodes them as UDP, I need to see the H.224 and SIP protocols that Zoom uses.

8801, 8802, 443, 3478, 3479, 8801 – 8810, 5090, 5091, 20000-64000

H.323/SIP

Wireshark will not decode a standard protocol inside a non-standard udp/tcp port unless you tell it the compatible port.

Anyone have the ports used by Zoom and their standards equivalent?

edit retag flag offensive close merge delete

Comments

First you have to check if the traffic is Encrypted or Not, as far I know it is already encrypted.

Ahm Gwd gravatar imageAhm Gwd ( 2019-10-19 16:48:18 +0000 )edit

1 Answer

Sort by » oldest newest most voted
0

answered 2024-12-03 02:46:53 +0000

3Matt gravatar image

I recommend looking at https://github.com/Princeton-Cabernet...

The zoom.lua is a great extension and a very simple place to start. You can then add their other analysis tools.

Can't recommend highly enough.

edit flag offensive delete link more

Your Answer

Please start posting anonymously - your entry will be published after you log in or create a new account.

Add Answer

Question Tools

1 follower

Stats

Asked: 2019-08-05 17:46:09 +0000

Seen: 7,553 times

Last updated: 14 hours ago