Wireshark For Video Surveillance Tutorial

Author: Brian Karas, Published on Aug 01, 2016

Want to snoop on the data going between your NVR and your IP camera?  Wireshark is the tool most commonly used to analyze network traffic and see what is really happening on the wire. It is helpful both in troubleshooting and understanding what is happening with IP camera streams.

This report gives an introduction to Wireshark and how to do some basic analysis on captured data to find information useful for camera setup and debugging, including:

  • Analyzing transmissions from IP cameras
  • Finding Unknown static IP addresses of IP cameras
  • Finding the RTSP URL of an IP camera
  • Using the follow option to get more data on an IP camera

**** ** ***** ** *** **** ***** ******* **** *** and **** ** ******?  *********** *** **** **** ******** **** ** ******* ******* ******* *** see **** ** ****** ********* ** *** ****. ** ** helpful **** ** *************** *** ************* **** ** ********* **** IP ****** *******.

**** ****** ***** ** ************ ** ********* *** *** ** do **** ***** ******** ** ******** **** ** **** *********** useful *** ****** ***** *** *********, *********:

  • ********* ************* **** ** *******
  • ******* ******* ****** ** ********* ** ** *******
  • ******* *** **** *** ** ** ** ******
  • ***** *** ****** ****** ** *** **** **** ** ** IP ******

[***************]

Getting ******* **** *********

******** ************ *** ******* *** ************, ********* ******** ****** ** ****.  If *** *** *** ******** **** ******* ******* ******* *** using ****** ***** *** **** **** ****** **** ** ******* Wireshark ** *** **** ******* ** **** ***. *** ************ should *** ******* * ******* ** ********* *********, *** *** should ** *** ******* ****** ***-**** ***** ** ** ****.

Wireshark *****

***** *** * *** ** ********** ** *********, *** ***** videos ** *********** ** ********* ******* *** ***** ******* ** look ******* *** ******** ****.  *** ********* ***** ***** *** to ***** * ****** *******:

Find ** ******* ****** ** ** * ******

** *** **** **** **** ****** * ****** **** *** a ****** ** ******* **** *** ***** *** ****** *** this ******** ***** *** *** **** **.  ** ** *********** to ***** **** *** ****** *** **** ***** ** **** up ******* ***** *** ***** *** ****** *******.

** **** *** ** *** *** "***" ****** *** *** to *** * *** ******* ****** ** **** ******* ******** data.


Find *** **** *** ** * ******

** *** **** * ******** ********* ** * ****** *** you **** ** **** *** **** *** ***** **** **** tutorial ***** *** *** ** **** **** ******* ** * packet *******.  **** **** *** "***** *******" ******.


Find *** *** **** ******* ** ** *********** ******

** ******* ***** **** **** * ****** ** **** ** the ***** *****, ********* *** **** *** *** *** ******* related ** *** ***** ****** **** **** * *** ******.  This ***** ***** *** *** ** *** *** "******" ******.


Other ****** *******

********* *** * **** ******** ********* *********, ** ********* ** the ******* ******* *************, ****** *** ******** ** ***** ***** ***** ** **** for *************** ** ****** ** ****** ******* *******.

** *** **** *** ** ******* ** * ****** *** want ** *** *** *** ******* ***** ** ** **** that ****** **** *** **** ******** *** *** *** *** following ******:

**.**** = ***.***.*.*

** *** ******* **** ** *********** **** * ******** ****** you *** *** *** "***" (******) ******:

**.*** == ***.***.**.**

********* *** *** *** * "***" (***********) ****** ** *** all *** ******* ***** **** ** * ******:

**.*** == ***.***.*.***

******* ***** *** ** **** ** ******* *******, **** ** to **** *** ******* **** * ******** **:

**.**** = ***.***.*.** && **.***** == ***

 

Comments (12)

Thumbnail business cat

Jon Swatzell

08/01/16 03:27pm

***** **** *****!

Undisclosed Manufacturer #1

08/01/16 07:13pm

*****

**** ***** ******* **** ***** *** **** **** ** ******* on *** ******* ** ******* *****. **** **** ** ******* helpful ** *** **********, *** ******* ******* *** ** ********.

***** * **** ********** *** ******* *** ************* **** *** VMS ** *** ******* ***** *****, *** ************* ******* *** VMS *** *** ****** ** ********** ******* ** *** ******** of *****. ***** *** *** ********** ** *** **** - some *** ********* **** ** ******* ********** *** **** **** not *********** ******* ******* ** **** ** ******* *** ****

***** *******

Thumbnail dileep

DILEEP LAL

IPVMU Certified | 08/02/16 10:09am

*****, ********* ****...!!

Undisclosed Manufacturer #2

08/03/16 01:30am

***** *** *********** *******.

**** ****** ***** ***** ***** ** **** *** *** *** for ********, *** *** **** **'* **** *** ******* ************** and **************, * ***** * *** ** ******* ***** **** be ***** *****, *** * *** *** ***** **** *** RTSP ***** ****** ** *** ***** *********. ** * ****** man ** *** ****** **** ******** *** ***** ******* ***** well ** ** *** *** ** ** ******* ** ***!

**** ********* ***** *** ******* ********, *** **** ****** ***** to *** *********** ***** *******. *** ***** *** ****, *** so ********* **** ***** ****** **** ** ***** ** *** camera *** *** ***** ****** ******* ** ******* ***** *,***** faster **** ******* ***

*** ****** **** ****** ** **** *********** *** ********* ***-******** experts.

*** ************ *** ***** **** **** ****, ** **** **** understand ****. ** **** ****?

** **** ***** ***-*** ********** **** ** *** ******, *** you **** ** **** ** ******* **** ******* ** ***** out, **** ***** *** ******* ** ***** **** ***** ********.

**** **** * **** ** ******** *** **** *** ******* this ** *** *** ** ** ********.

***** ******* ******** *** **** ****** *** ****; *** ********** is **** ******, ***** ** ***** ********* ***** ** **** at *** ******* *** ***** *******.

*** ***** * ***** **** *** ****** *** ** *********** switch ** ***** *********, ** *** *** ***** *** **** to ***** ********** ** * ********** **** **** ** ** you *** **** *** *** ******* ** ****, ******* * stand ***** *** *** *** *******. *** ** ***** ***** naturally ********** ********* ** **** ** **** ******, ** ********* in *** *******.

Undisclosed #3

In reply to Undisclosed Manufacturer #2 | 08/03/16 03:11am

*.*.*.* ***/****/****/***

*** **** ****** ***** ** **** *** **** ** ******** a ********. * ****** ***** ******* ***** ******** ***** ***/****/****/***. And ** * ******supports ****.*, the data stream shall be sent or received via HTTPS to traverse a firewall, and a device shall support media transfer using ***/****/*****/***.

***** ********* **** ****

Thumbnail brk1

Brian Karas

IPVM | In reply to Undisclosed Manufacturer #2 | 08/03/16 12:12pm

*** ***** * ***** **** *** ****** *** ** *********** switch ** ***** *********, ** *** *** ***** *** **** to ***** ********** ** * ********** **** **** ** ** you *** **** *** *** ******* ** ****, ******* * stand ***** *** *** *** *******.

**** ** * **** ****. * ******** **** ** *** 10/100 ******* ***** ( * **** ***, *** * ******) that *'** ***** ** ** ***** *** *** * **** stream **** * ****** ** ****** ******* *****. * ***-********** smart ****** **** * ****** **** ******* ***** ** *** same *****.

* ***** * *** ** ******* ***** **** ** ***** Onvif, *** * *** *** ***** **** *** **** ***** stream ** *** ***** *********. ** * ****** *** ** the ****** **** ******** *** ***** ******* ***** **** ** on *** *** ** ** ******* ** ***!

***** ***, ** ******* *******, ** **** * ****** **** was * *********** ******* ******* *** ****** *******. ** ***** interpret *** *** *** ******* ** **** **** ** ******* what ***** **** ***** **** ****. ****** **** **** * found ** ********** ******* **** ***** *********** ***** ** ******* packets *** *** ****. **, ** *** *********** * **** to ** **** ** *** ******, *** * ***** *** access ** **** ******* *******, * ***** *** * **** of *** ***** *** ******** ** ************** **** ** ** snoop *******. *** **** ******* ***** ** ******* ** *********** video *******, ** ************ ********* ***** ***** ********* **** ****** you * ****** ** ** **** ******.

**** ******** ******* ****** ***** ****** ****** ** **** ****** ****** ******* **** need * ****** ** ****** ****/***. ****** *** ******* *** to * ********* **, *** *** ***** ****** * ****** that ********** ******* *** * **** ** *** ****** ****** without *** ********** ****** ** *** *******.

Undisclosed #3

In reply to Brian Karas | 08/03/16 04:51pm

**** ** * **** ****. * ******** **** ** *** 10/100 ******* ***** ( * **** ***, *** * ******) that *'** ***** ** ** ***** *** *** * **** stream **** * ****** ** ****** ******* *****. * ***-********** smart ****** **** * ****** **** ******* ***** ** *** same *****.

* ****/** ******* ***? ***** ***!

******* *** ** ** *** ** ******* *** *** *** the *** ** ******* **** **** **** *** **.

Undisclosed Manufacturer #2

08/04/16 01:42am

* **** * ******* ******, *** ****** * **** ******* to ** **** *** *** ** *** *** **** ** yonder *****! * ** **** **** ** **** *** ** old ***** ** *** ***** ** **, ***** *** *** means ********* ******** ** ********* **** **** *******.

*** ***** ** ******* **** ********* *** **-** ********, *** how ********** **** **** ** ******** ******* **. *** ** it's * **** *********** *****!

**** **-** ********, ** *** *** ******* *** ***** *** everyone ** ***** **.

Undisclosed #3

In reply to Undisclosed Manufacturer #2 | 08/04/16 06:55am

* ** **** **** ** **** *** ** *** ***** in *** ***** ** **, ***** *** *** ***** ********* obsolete ** ********* **** **** *******.

* **** * ******* **** **** *** ****'* ***** ** useful ** *** *** * ****** **.

*** **** *** *****, ** **** *** ******* **** **/******* interfaces *** ***** ** * ****** ***, *** ***** ** are *** ***** ** ********* **** ** * *** **** basis **** ***, ** ***'* ****** **** * ** ********, not *** **** ******. ****** **** ******* ** *****.

****'* *** **'** ** * **** *******...

Thumbnail patrick hart

Patrick Hart

IPVMU Certified | 09/05/16 05:15pm

** **** ********* ************* ***** ***** ** ** ******* ***** be **** ** ****...

Undisclosed #3

In reply to Patrick Hart | 09/05/16 05:26pm

** **** ********* ************* ***** ***** ** ** ******* ***** be **** ** ****...

*** ***** ** * ********* ************ ** ******* **** **** Ethical ****** ****** ***********.

John Honovich

IPVM | In reply to Patrick Hart | 09/05/16 08:39pm

** **** ********* ************* ***** ***** ** ** *******

***, ** *** ****** ** * *** **** *** *** IP ********** ***** ******** ** *******, **** **** ******* * classes ** ************* ********* **** **** ** ************.

Login to read this IPVM report.
Why do I need to log in?
IPVM conducts unique testing and research funded by member's payments enabling us to offer the most independent, accurate and in-depth information.

Most Recent Industry Reports

Cisco Falling - Favorite Network Switches 2017 on Oct 20, 2017
1 major manufacturer fell and 1 outsider manufacturer gained as integrator favorites for network switches from more than 140 votes / explanations...
Uniview Recorder Backdoor Examined on Oct 20, 2017
A Chinese research group has identified a vulnerability in Uniview recorders that allows backdoor access in a method similar to the Dahua...
Hikvision Access Control Tested on Oct 19, 2017
Hikvision aggressive pricing and marketing combined with generally reliable hardware and free software has made them a major player in video...
Verkada, Silicon Valley VSaaS Startup, Targets Enterprise on Oct 19, 2017
Verkada says they are building an enterprise-class VSaaS offering, calling it "The new platform for video security". This is a departure from the...
Exacq Unbreaks Avigilon Integration on Oct 18, 2017
For nearly 4 years, Exacq had broken and effectively blocked use with Avigilon cameras, as IPVM reported in January 2014. Now, Exacq has...
Search More Important Than Live Monitoring - Statistics on Oct 18, 2017
Search is overall more important than live monitoring to integrators, according to new IPVM statistics.  The key themes found in integrator...
Axis 'Sold Out' P3707-PVE Multi-Imager Tested on Oct 18, 2017
Axis faced significant product shortages over the summer. Perhaps the most notorious and significantly sold out model was the Axis P3707-PE 8MP...
Dahua Removes Auto Rebooting on Oct 17, 2017
For years, Dahua has automatically programmed its IP cameras to reboot weekly, a highly atypical and questionable practice. Following IPVM...
Deep Learning Tutorial For Video Surveillance on Oct 17, 2017
Deep learning is a growing buzzword within physical security and video surveillance. But what is 'deep learning'? In this tutorial, we explain...
Multipoint Lock Access Control Tutorial on Oct 17, 2017
Doors are notoriously weak at stopping entry, and money can be misspent on wrong locks that leave doors quite vulnerable. While closed and locked...

The world's leading video surveillance information source, IPVM provides the best reporting, testing and training for 10,000+ members globally. Dedicated to independent and objective information, we uniquely refuse any and all advertisements, sponsorship and consulting from manufacturers.

About | FAQ | Contact