Wireshark For Video Surveillance Tutorial

Author: Brian Karas, Published on Aug 01, 2016

Want to snoop on the data going between your NVR and your IP camera?  Wireshark is the tool most commonly used to analyze network traffic and see what is really happening on the wire. It is helpful both in troubleshooting and understanding what is happening with IP camera streams.

This report gives an introduction to Wireshark and how to do some basic analysis on captured data to find information useful for camera setup and debugging, including:

  • Analyzing transmissions from IP cameras
  • Finding Unknown static IP addresses of IP cameras
  • Finding the RTSP URL of an IP camera
  • Using the follow option to get more data on an IP camera

**** ** ***** ** *** **** ***** ******* **** *** and **** ** ******?  *********** *** **** **** ******** **** ** ******* ******* ******* *** see **** ** ****** ********* ** *** ****. ** ** helpful **** ** *************** *** ************* **** ** ********* **** IP ****** *******.

**** ****** ***** ** ************ ** ********* *** *** ** do **** ***** ******** ** ******** **** ** **** *********** useful *** ****** ***** *** *********, *********:

  • ********* ************* **** ** *******
  • ******* ******* ****** ** ********* ** ** *******
  • ******* *** **** *** ** ** ** ******
  • ***** *** ****** ****** ** *** **** **** ** ** IP ******

[***************]

Getting ******* **** *********

******** ************ *** ******* *** ************, ********* ******** ****** ** ****.  If *** *** *** ******** **** ******* ******* ******* *** using ****** ***** *** **** **** ****** **** ** ******* Wireshark ** *** **** ******* ** **** ***. *** ************ should *** ******* * ******* ** ********* *********, *** *** should ** *** ******* ****** ***-**** ***** ** ** ****.

Wireshark *****

***** *** * *** ** ********** ** *********, *** ***** videos ** *********** ** ********* ******* *** ***** ******* ** look ******* *** ******** ****.  *** ********* ***** ***** *** to ***** * ****** *******:

Find ** ******* ****** ** ** * ******

** *** **** **** **** ****** * ****** **** *** a ****** ** ******* **** *** ***** *** ****** *** this ******** ***** *** *** **** **.  ** ** *********** to ***** **** *** ****** *** **** ***** ** **** up ******* ***** *** ***** *** ****** *******.

** **** *** ** *** *** "***" ****** *** *** to *** * *** ******* ****** ** **** ******* ******** data.


Find *** **** *** ** * ******

** *** **** * ******** ********* ** * ****** *** you **** ** **** *** **** *** ***** **** **** tutorial ***** *** *** ** **** **** ******* ** * packet *******.  **** **** *** "***** *******" ******.


Find *** *** **** ******* ** ** *********** ******

** ******* ***** **** **** * ****** ** **** ** the ***** *****, ********* *** **** *** *** *** ******* related ** *** ***** ****** **** **** * *** ******.  This ***** ***** *** *** ** *** *** "******" ******.


Other ****** *******

********* *** * **** ******** ********* *********, ** ********* ** the ******* ******* *************, ****** *** ******** ** ***** ***** ***** ** **** for *************** ** ****** ** ****** ******* *******.

** *** **** *** ** ******* ** * ****** *** want ** *** *** *** ******* ***** ** ** **** that ****** **** *** **** ******** *** *** *** *** following ******:

**.**** = ***.***.*.*

** *** ******* **** ** *********** **** * ******** ****** you *** *** *** "***" (******) ******:

**.*** == ***.***.**.**

********* *** *** *** * "***" (***********) ****** ** *** all *** ******* ***** **** ** * ******:

**.*** == ***.***.*.***

******* ***** *** ** **** ** ******* *******, **** ** to **** *** ******* **** * ******** **:

**.**** = ***.***.*.** && **.***** == ***

 

Comments (12)

Thumbnail business cat

Jon Swatzell

08/01/16 03:27pm

***** **** *****!

Undisclosed Manufacturer #1

08/01/16 07:13pm

*****

**** ***** ******* **** ***** *** **** **** ** ******* on *** ******* ** ******* *****. **** **** ** ******* helpful ** *** **********, *** ******* ******* *** ** ********.

***** * **** ********** *** ******* *** ************* **** *** VMS ** *** ******* ***** *****, *** ************* ******* *** VMS *** *** ****** ** ********** ******* ** *** ******** of *****. ***** *** *** ********** ** *** **** - some *** ********* **** ** ******* ********** *** **** **** not *********** ******* ******* ** **** ** ******* *** ****

***** *******

Thumbnail dileep

DILEEP LAL

IPVMU Certified | 08/02/16 10:09am

*****, ********* ****...!!

Undisclosed Manufacturer #2

08/03/16 01:30am

***** *** *********** *******.

**** ****** ***** ***** ***** ** **** *** *** *** for ********, *** *** **** **'* **** *** ******* ************** and **************, * ***** * *** ** ******* ***** **** be ***** *****, *** * *** *** ***** **** *** RTSP ***** ****** ** *** ***** *********. ** * ****** man ** *** ****** **** ******** *** ***** ******* ***** well ** ** *** *** ** ** ******* ** ***!

**** ********* ***** *** ******* ********, *** **** ****** ***** to *** *********** ***** *******. *** ***** *** ****, *** so ********* **** ***** ****** **** ** ***** ** *** camera *** *** ***** ****** ******* ** ******* ***** *,***** faster **** ******* ***

*** ****** **** ****** ** **** *********** *** ********* ***-******** experts.

*** ************ *** ***** **** **** ****, ** **** **** understand ****. ** **** ****?

** **** ***** ***-*** ********** **** ** *** ******, *** you **** ** **** ** ******* **** ******* ** ***** out, **** ***** *** ******* ** ***** **** ***** ********.

**** **** * **** ** ******** *** **** *** ******* this ** *** *** ** ** ********.

***** ******* ******** *** **** ****** *** ****; *** ********** is **** ******, ***** ** ***** ********* ***** ** **** at *** ******* *** ***** *******.

*** ***** * ***** **** *** ****** *** ** *********** switch ** ***** *********, ** *** *** ***** *** **** to ***** ********** ** * ********** **** **** ** ** you *** **** *** *** ******* ** ****, ******* * stand ***** *** *** *** *******. *** ** ***** ***** naturally ********** ********* ** **** ** **** ******, ** ********* in *** *******.

Undisclosed #3

In reply to Undisclosed Manufacturer #2 | 08/03/16 03:11am

*.*.*.* ***/****/****/***

*** **** ****** ***** ** **** *** **** ** ******** a ********. * ****** ***** ******* ***** ******** ***** ***/****/****/***. And ** * ******supports ****.*, the data stream shall be sent or received via HTTPS to traverse a firewall, and a device shall support media transfer using ***/****/*****/***.

***** ********* **** ****

Thumbnail brk1

Brian Karas

IPVM | In reply to Undisclosed Manufacturer #2 | 08/03/16 12:12pm

*** ***** * ***** **** *** ****** *** ** *********** switch ** ***** *********, ** *** *** ***** *** **** to ***** ********** ** * ********** **** **** ** ** you *** **** *** *** ******* ** ****, ******* * stand ***** *** *** *** *******.

**** ** * **** ****. * ******** **** ** *** 10/100 ******* ***** ( * **** ***, *** * ******) that *'** ***** ** ** ***** *** *** * **** stream **** * ****** ** ****** ******* *****. * ***-********** smart ****** **** * ****** **** ******* ***** ** *** same *****.

* ***** * *** ** ******* ***** **** ** ***** Onvif, *** * *** *** ***** **** *** **** ***** stream ** *** ***** *********. ** * ****** *** ** the ****** **** ******** *** ***** ******* ***** **** ** on *** *** ** ** ******* ** ***!

***** ***, ** ******* *******, ** **** * ****** **** was * *********** ******* ******* *** ****** *******. ** ***** interpret *** *** *** ******* ** **** **** ** ******* what ***** **** ***** **** ****. ****** **** **** * found ** ********** ******* **** ***** *********** ***** ** ******* packets *** *** ****. **, ** *** *********** * **** to ** **** ** *** ******, *** * ***** *** access ** **** ******* *******, * ***** *** * **** of *** ***** *** ******** ** ************** **** ** ** snoop *******. *** **** ******* ***** ** ******* ** *********** video *******, ** ************ ********* ***** ***** ********* **** ****** you * ****** ** ** **** ******.

**** ******** ******* ****** ***** ****** ****** ** **** ****** ****** ******* **** need * ****** ** ****** ****/***. ****** *** ******* *** to * ********* **, *** *** ***** ****** * ****** that ********** ******* *** * **** ** *** ****** ****** without *** ********** ****** ** *** *******.

Undisclosed #3

In reply to Brian Karas | 08/03/16 04:51pm

**** ** * **** ****. * ******** **** ** *** 10/100 ******* ***** ( * **** ***, *** * ******) that *'** ***** ** ** ***** *** *** * **** stream **** * ****** ** ****** ******* *****. * ***-********** smart ****** **** * ****** **** ******* ***** ** *** same *****.

* ****/** ******* ***? ***** ***!

******* *** ** ** *** ** ******* *** *** *** the *** ** ******* **** **** **** *** **.

Undisclosed Manufacturer #2

08/04/16 01:42am

* **** * ******* ******, *** ****** * **** ******* to ** **** *** *** ** *** *** **** ** yonder *****! * ** **** **** ** **** *** ** old ***** ** *** ***** ** **, ***** *** *** means ********* ******** ** ********* **** **** *******.

*** ***** ** ******* **** ********* *** **-** ********, *** how ********** **** **** ** ******** ******* **. *** ** it's * **** *********** *****!

**** **-** ********, ** *** *** ******* *** ***** *** everyone ** ***** **.

Undisclosed #3

In reply to Undisclosed Manufacturer #2 | 08/04/16 06:55am

* ** **** **** ** **** *** ** *** ***** in *** ***** ** **, ***** *** *** ***** ********* obsolete ** ********* **** **** *******.

* **** * ******* **** **** *** ****'* ***** ** useful ** *** *** * ****** **.

*** **** *** *****, ** **** *** ******* **** **/******* interfaces *** ***** ** * ****** ***, *** ***** ** are *** ***** ** ********* **** ** * *** **** basis **** ***, ** ***'* ****** **** * ** ********, not *** **** ******. ****** **** ******* ** *****.

****'* *** **'** ** * **** *******...

Thumbnail patrick hart

Patrick Hart

IPVMU Certified | 09/05/16 05:15pm

** **** ********* ************* ***** ***** ** ** ******* ***** be **** ** ****...

Undisclosed #3

In reply to Patrick Hart | 09/05/16 05:26pm

** **** ********* ************* ***** ***** ** ** ******* ***** be **** ** ****...

*** ***** ** * ********* ************ ** ******* **** **** Ethical ****** ****** ***********.

John Honovich

IPVM | In reply to Patrick Hart | 09/05/16 08:39pm

** **** ********* ************* ***** ***** ** ** *******

***, ** *** ****** ** * *** **** *** *** IP ********** ***** ******** ** *******, **** **** ******* * classes ** ************* ********* **** **** ** ************.

Login to read this IPVM report.
Why do I need to log in?
IPVM conducts unique testing and research funded by member's payments enabling us to offer the most independent, accurate and in-depth information.

Most Recent Industry Reports

Reseting IP Cameras - 30 Manufacturer Directory on Sep 22, 2017
Every camera has a reset button (well, almost) but it is not always clear what these buttons do, how long they need to be held, what settings they...
Genetec Launches Cloud Access Control (Synergis SaaS) on Sep 21, 2017
Genetec's cloud everything expansion continues, with their announcement of Synergis SaaS edition, joining their cloud video offering Stratocast,...
Genetec CEO Warns Against Insider Threats on Sep 21, 2017
With Dahua and Hikvision cybersecurity issues becoming indisputable, a new counter has emerged. Just put them behind a firewall, buy cheap...
New IPVM Calculator V3 Released on Sep 20, 2017
The New IPVM Calculator V3 is released. An entirely new architecture delivers the following benefits: Turbo The calculator is now ~50% faster in...
Automatic Door Operators For Access Tutorial on Sep 20, 2017
Opening and closing doors might sound simple, but it takes a high-tech piece of door hardware to pull it off. Integrating automatic door operators...
'Clowns' Allege Ubiquiti 'Completely Fraudulent' on Sep 20, 2017
A short seller has alleged Ubiquiti is 'completely fraudulent'. Ubiquiti's CEO has responded calling them 'clowns'. Here is the short...
Avigilon 'Blue' Cloud Entry Examined on Sep 19, 2017
Avigilon is moving to the cloud. The company announced their Avigilon Blue platform, designed to be a web-managed surveillance system, utilizing...
HID Buys Mercury Security on Sep 19, 2017
One of the biggest access control deals in years. Mercury Security, the most widely used access hardware OEM, and partner to 20+ manufacturers,...
Hikvision Backdoor Exploit on Sep 18, 2017
Full disclosure to the Hikvision backdoor has been released, allowing easy exploit of vulnerable Hikvision IP cameras. As the researcher, Monte...

The world's leading video surveillance information source, IPVM provides the best reporting, testing and training for 10,000+ members globally. Dedicated to independent and objective information, we uniquely refuse any and all advertisements, sponsorship and consulting from manufacturers.

About | FAQ | Contact