Capturing Ooma traffic for IP Address
I've assembled a network tap between my Ooma (VOIP) device and router. I'm not sure how to setup WireShark to capture the data. I'm a rookie.
Any advice/help would be greatly appreciated.
The point of all this is to record the IP addresses of a couple of scammers in Europe and forward it to some authorities that could reduce their footprint!
Thank you for your time and efforts.
* Wireshark won't allow a pic of the tap until I'm acquired 60 points *
Does this mean a "DIY network tap" like the ones on the Capture using a network tap wiki page?
Or is it a piece of commercial gear?
Not sure what you need here.
Start by checking How To Set Up a Capture to see if this answers your question.
When you are capturing traffic with Wireshark, you have two main options:
Capture everything then use Display Filters to find the packets/protocols you are interested in.
Capture only what you need using Capture Filters so that you only save specific packets/protocols.
If you know what you want then option 2 makes smaller PCAP files but if you don't then capture everything.
I assembled a DIY system using 2 Northern Telecom RJ45 dual plate wall units. They are toned out correctly. It's the Wireshark settings etc. I was asking about.
Spooky, Thanks for some suggestions. I don't know what to filter since I don't know what to expect in the stream. How do you identify the packets that would have the required IP addresses that are valid?
Chuckc, I assembled a Passive Ethernet Tap such as in Figure 2 in: http://www.winsnort.com/tutorials/art...