Master Packet Capturing with Network Adapter Techniques in Wireshark

When it comes to packet capturing, everyone probably knows the routine: just open Wireshark, select the network adapter, and start. What’s there to say?

But if your SIP phone suddenly can’t obtain an IP, you might not even be able to connect to it, so how do you capture packets? Or what do you do when a device has no packet capture functionality and is outside your control?

Initially, we might use a switch to create a mirror port, allowing us to capture data. However, it’s not always that simple. What if the client’s site doesn’t have a manageable switch?

If you run into this scenario and happen to have a USB network card, you can connect the network cable to the network port on one side and connect the USB network card to the device on the other, forming a bridge. You can then capture the bridge’s packets in Wireshark, as shown in the image:

[Image: network adapter]

However, I currently only have one network card, so I can only pretend there’s another one below. After bridging, a new network card will appear, and by monitoring this network card in Wireshark, you can see the data you want.

Here’s the crucial part: if you don’t even have a USB network card, then you might need a fifty-cent network cable plus two RJ45 connectors, which can also work.

Let’s briefly explain the principle: a network cable has eight wires, but only four are used. The remaining four may be used in gigabit networks, but not in 100-megabit networks. The typical wire order when making a network cable is: Orange-White, Orange, Green-White, Blue, Blue-White, Green, Brown-White, Brown. Only pins 1, 2, 3 and 6 are used: 1-2 for sending and 3-6 for receiving. We connect to 1-2 and to 3-6 respectively to obtain the sent and the received data. The two directions are separate and cannot be captured at the same time. The specific connection method is as follows:

[Image: network adapter]

This RJ45 connector uses only four wires, and this end is plugged into the device.

Connecting the two wires to pins 3-6 at the other end captures the data you are interested in.

This is the data sent by the phone.

This is the data received.
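Because a one-pair tap sees only one direction while a bridge sees both, it helps to confirm which direction a saved capture actually contains. The following is an added example, not part of the original article: it reads a capture saved in classic pcap format (an assumption; pcapng is not handled) and classifies it by the device's source MAC. The function names, MAC addresses and sample frames are constructed for illustration.

```python
import struct

def read_pcap_frames(data: bytes):
    """Yield raw Ethernet frames from a classic (non-pcapng) pcap byte string."""
    endian = {0xA1B2C3D4: "<", 0xD4C3B2A1: ">"}.get(struct.unpack("<I", data[:4])[0])
    if endian is None:
        raise ValueError("not a classic pcap file")
    if struct.unpack(endian + "I", data[20:24])[0] != 1:
        raise ValueError("link type is not Ethernet")
    off = 24  # skip the 24-byte global header
    while off + 16 <= len(data):
        _sec, _usec, incl_len, _orig = struct.unpack(endian + "IIII", data[off:off + 16])
        frame = data[off + 16:off + 16 + incl_len]
        if len(frame) < incl_len:
            break  # capture file was cut off mid-record
        off += 16 + incl_len
        yield frame

def mac_bytes(mac: str) -> bytes:
    return bytes.fromhex(mac.replace(":", ""))

def tap_direction(data: bytes, device_mac: str) -> str:
    """Classify a capture relative to the device: 'tx', 'rx', 'mixed' or 'empty'."""
    dev, sent, other = mac_bytes(device_mac), 0, 0
    for frame in read_pcap_frames(data):
        if len(frame) < 14:
            continue  # shorter than an Ethernet header
        if frame[6:12] == dev:  # bytes 6..11 hold the source MAC
            sent += 1
        else:
            other += 1
    if sent and other:
        return "mixed"  # both directions: a bridge or mirror port, not a one-pair tap
    return "tx" if sent else "rx" if other else "empty"

# --- constructed sample data (MAC addresses and frames are made up) ---
PHONE, SERVER, BCAST = "00:11:22:33:44:55", "66:77:88:99:aa:bb", "ff:ff:ff:ff:ff:ff"

def eth(dst: str, src: str) -> bytes:
    return mac_bytes(dst) + mac_bytes(src) + b"\x08\x00" + bytes(46)

def build_pcap(frames) -> bytes:
    out = struct.pack("<IHHiIII", 0xA1B2C3D4, 2, 4, 0, 0, 65535, 1)
    for i, f in enumerate(frames):
        out += struct.pack("<IIII", i, 0, len(f), len(f)) + f
    return out

TX_ONLY = build_pcap([eth(BCAST, PHONE), eth(SERVER, PHONE)])  # tap on the phone's send pair
RX_ONLY = build_pcap([eth(PHONE, SERVER)])                     # tap on the phone's receive pair
BRIDGED = build_pcap([eth(BCAST, PHONE), eth(PHONE, SERVER)])  # capture on the bridge
```

A result of "mixed" from what was meant to be a one-pair tap, or "rx" when you expected the phone's own requests, means the wires are on a different pair than intended.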

The above is the method introduced this time. If you’re interested, you can try it now!