Decoding SIP as raw texts

asked 2025-01-28 10:11:45 +0000

Hi,

As the title suggests, I am trying to decode SIP as raw text. I currently have two laptops; the old one which I've been using for about 4 years and was able to decode SIP as raw text. I cant quite remember how I was able to do that as I did it early on after getting the laptop.

I'm trying to decode SIP on my new laptop as well but I haven't figured out how. The SIP packets just come out as ESP (under protocol) but I can see the SIP details in the decoding whereas on the old laptop wireshark lists them as SIP.

Any got any ideas how I can get wireshark on my new laptop to decode those packets as SIP?

Thanks!

edit retag flag offensive close merge delete

add a comment

Comments

e.g. You might have to disable that dissector as it being used in preference to SIP. Create a new Wireshark profile to test that change.

grahamb ( 2025-01-28 12:13:29 +0000 )edit

No, I suspekt esp is with null algoritm e.g not encrypted there is a preferenser for it but I don't remember the exakt wording off hand.

Anders ( 2025-01-28 12:21:02 +0000 )edit

@Anders is right. Theres a setting for ESP that says Attempt to detect/decode NULL encrypted ESP Payloads. This box should be ticked and you should be able to see SIP packets now.

sam1113 ( 2025-01-29 09:38:56 +0000 )edit

add a comment

Your Answer

Please start posting anonymously - your entry will be published after you log in or create a new account.

Decoding SIP as raw texts

1 Answer

Comments

Your Answer

Question Tools

Stats

Related questions

Decoding SIP as raw texts edit

1 Answer

Comments

Your Answer

Question Tools

Stats

Related questions

Decoding SIP as raw texts