Wireshark For Video Surveillance Tutorial

Author: Brian Karas, Published on Aug 01, 2016

Want to snoop on the data going between your NVR and your IP camera?  Wireshark is the tool most commonly used to analyze network traffic and see what is really happening on the wire. It is helpful both in troubleshooting and understanding what is happening with IP camera streams.

This report gives an introduction to Wireshark and how to do some basic analysis on captured data to find information useful for camera setup and debugging, including:

  • Analyzing transmissions from IP cameras
  • Finding Unknown static IP addresses of IP cameras
  • Finding the RTSP URL of an IP camera
  • Using the follow option to get more data on an IP camera

**** ** ***** ** *** **** ***** ******* **** *** and **** ** ******?  *********** *** **** **** ******** **** ** ******* ******* ******* *** see **** ** ****** ********* ** *** ****. ** ** helpful **** ** *************** *** ************* **** ** ********* **** IP ****** *******.

**** ****** ***** ** ************ ** ********* *** *** ** do **** ***** ******** ** ******** **** ** **** *********** useful *** ****** ***** *** *********, *********:

  • ********* ************* **** ** *******
  • ******* ******* ****** ** ********* ** ** *******
  • ******* *** **** *** ** ** ** ******
  • ***** *** ****** ****** ** *** **** **** ** ** IP ******

[***************]

Getting ******* **** *********

******** ************ *** ******* *** ************, ********* ******** ****** ** ****.  If *** *** *** ******** **** ******* ******* ******* *** using ****** ***** *** **** **** ****** **** ** ******* Wireshark ** *** **** ******* ** **** ***. *** ************ should *** ******* * ******* ** ********* *********, *** *** should ** *** ******* ****** ***-**** ***** ** ** ****.

Wireshark *****

***** *** * *** ** ********** ** *********, *** ***** videos ** *********** ** ********* ******* *** ***** ******* ** look ******* *** ******** ****.  *** ********* ***** ***** *** to ***** * ****** *******:

Find ** ******* ****** ** ** * ******

** *** **** **** **** ****** * ****** **** *** a ****** ** ******* **** *** ***** *** ****** *** this ******** ***** *** *** **** **.  ** ** *********** to ***** **** *** ****** *** **** ***** ** **** up ******* ***** *** ***** *** ****** *******.

** **** *** ** *** *** "***" ****** *** *** to *** * *** ******* ****** ** **** ******* ******** data.


Find *** **** *** ** * ******

** *** **** * ******** ********* ** * ****** *** you **** ** **** *** **** *** ***** **** **** tutorial ***** *** *** ** **** **** ******* ** * packet *******.  **** **** *** "***** *******" ******.


Find *** *** **** ******* ** ** *********** ******

** ******* ***** **** **** * ****** ** **** ** the ***** *****, ********* *** **** *** *** *** ******* related ** *** ***** ****** **** **** * *** ******.  This ***** ***** *** *** ** *** *** "******" ******.


Other ****** *******

********* *** * **** ******** ********* *********, ** ********* ** the ******* ******* *************, ****** *** ******** ** ***** ***** ***** ** **** for *************** ** ****** ** ****** ******* *******.

** *** **** *** ** ******* ** * ****** *** want ** *** *** *** ******* ***** ** ** **** that ****** **** *** **** ******** *** *** *** *** following ******:

**.**** = ***.***.*.*

** *** ******* **** ** *********** **** * ******** ****** you *** *** *** "***" (******) ******:

**.*** == ***.***.**.**

********* *** *** *** * "***" (***********) ****** ** *** all *** ******* ***** **** ** * ******:

**.*** == ***.***.*.***

******* ***** *** ** **** ** ******* *******, **** ** to **** *** ******* **** * ******** **:

**.**** = ***.***.*.** && **.***** == ***

 

Comments (12)

Thumbnail old headshot

Jon Swatzell

08/01/16 03:27pm

***** **** *****!

Undisclosed Manufacturer #1

08/01/16 07:13pm

*****

**** ***** ******* **** ***** *** **** **** ** ******* on *** ******* ** ******* *****. **** **** ** ******* helpful ** *** **********, *** ******* ******* *** ** ********.

***** * **** ********** *** ******* *** ************* **** *** VMS ** *** ******* ***** *****, *** ************* ******* *** VMS *** *** ****** ** ********** ******* ** *** ******** of *****. ***** *** *** ********** ** *** **** - some *** ********* **** ** ******* ********** *** **** **** not *********** ******* ******* ** **** ** ******* *** ****

***** *******

Thumbnail dileep

DILEEP LAL

IPVMU Certified | 08/02/16 10:09am

*****, ********* ****...!!

Undisclosed Manufacturer #2

08/03/16 01:30am

***** *** *********** *******.

**** ****** ***** ***** ***** ** **** *** *** *** for ********, *** *** **** **'* **** *** ******* ************** and **************, * ***** * *** ** ******* ***** **** be ***** *****, *** * *** *** ***** **** *** RTSP ***** ****** ** *** ***** *********. ** * ****** man ** *** ****** **** ******** *** ***** ******* ***** well ** ** *** *** ** ** ******* ** ***!

**** ********* ***** *** ******* ********, *** **** ****** ***** to *** *********** ***** *******. *** ***** *** ****, *** so ********* **** ***** ****** **** ** ***** ** *** camera *** *** ***** ****** ******* ** ******* ***** *,***** faster **** ******* ***

*** ****** **** ****** ** **** *********** *** ********* ***-******** experts.

*** ************ *** ***** **** **** ****, ** **** **** understand ****. ** **** ****?

** **** ***** ***-*** ********** **** ** *** ******, *** you **** ** **** ** ******* **** ******* ** ***** out, **** ***** *** ******* ** ***** **** ***** ********.

**** **** * **** ** ******** *** **** *** ******* this ** *** *** ** ** ********.

***** ******* ******** *** **** ****** *** ****; *** ********** is **** ******, ***** ** ***** ********* ***** ** **** at *** ******* *** ***** *******.

*** ***** * ***** **** *** ****** *** ** *********** switch ** ***** *********, ** *** *** ***** *** **** to ***** ********** ** * ********** **** **** ** ** you *** **** *** *** ******* ** ****, ******* * stand ***** *** *** *** *******. *** ** ***** ***** naturally ********** ********* ** **** ** **** ******, ** ********* in *** *******.

Undisclosed #3

In reply to Undisclosed Manufacturer #2 | 08/03/16 03:11am

*.*.*.* ***/****/****/***

*** **** ****** ***** ** **** *** **** ** ******** a ********. * ****** ***** ******* ***** ******** ***** ***/****/****/***. And ** * ******supports ****.*, the data stream shall be sent or received via HTTPS to traverse a firewall, and a device shall support media transfer using ***/****/*****/***.

***** ********* **** ****

Thumbnail brk1

Brian Karas

IPVM | In reply to Undisclosed Manufacturer #2 | 08/03/16 12:12pm

*** ***** * ***** **** *** ****** *** ** *********** switch ** ***** *********, ** *** *** ***** *** **** to ***** ********** ** * ********** **** **** ** ** you *** **** *** *** ******* ** ****, ******* * stand ***** *** *** *** *******.

**** ** * **** ****. * ******** **** ** *** 10/100 ******* ***** ( * **** ***, *** * ******) that *'** ***** ** ** ***** *** *** * **** stream **** * ****** ** ****** ******* *****. * ***-********** smart ****** **** * ****** **** ******* ***** ** *** same *****.

* ***** * *** ** ******* ***** **** ** ***** Onvif, *** * *** *** ***** **** *** **** ***** stream ** *** ***** *********. ** * ****** *** ** the ****** **** ******** *** ***** ******* ***** **** ** on *** *** ** ** ******* ** ***!

***** ***, ** ******* *******, ** **** * ****** **** was * *********** ******* ******* *** ****** *******. ** ***** interpret *** *** *** ******* ** **** **** ** ******* what ***** **** ***** **** ****. ****** **** **** * found ** ********** ******* **** ***** *********** ***** ** ******* packets *** *** ****. **, ** *** *********** * **** to ** **** ** *** ******, *** * ***** *** access ** **** ******* *******, * ***** *** * **** of *** ***** *** ******** ** ************** **** ** ** snoop *******. *** **** ******* ***** ** ******* ** *********** video *******, ** ************ ********* ***** ***** ********* **** ****** you * ****** ** ** **** ******.

**** ******** ******* ****** ***** ****** ****** ** **** ****** ****** ******* **** need * ****** ** ****** ****/***. ****** *** ******* *** to * ********* **, *** *** ***** ****** * ****** that ********** ******* *** * **** ** *** ****** ****** without *** ********** ****** ** *** *******.

Undisclosed #3

In reply to Brian Karas | 08/03/16 04:51pm

**** ** * **** ****. * ******** **** ** *** 10/100 ******* ***** ( * **** ***, *** * ******) that *'** ***** ** ** ***** *** *** * **** stream **** * ****** ** ****** ******* *****. * ***-********** smart ****** **** * ****** **** ******* ***** ** *** same *****.

* ****/** ******* ***? ***** ***!

******* *** ** ** *** ** ******* *** *** *** the *** ** ******* **** **** **** *** **.

Undisclosed Manufacturer #2

08/04/16 01:42am

* **** * ******* ******, *** ****** * **** ******* to ** **** *** *** ** *** *** **** ** yonder *****! * ** **** **** ** **** *** ** old ***** ** *** ***** ** **, ***** *** *** means ********* ******** ** ********* **** **** *******.

*** ***** ** ******* **** ********* *** **-** ********, *** how ********** **** **** ** ******** ******* **. *** ** it's * **** *********** *****!

**** **-** ********, ** *** *** ******* *** ***** *** everyone ** ***** **.

Undisclosed #3

In reply to Undisclosed Manufacturer #2 | 08/04/16 06:55am

* ** **** **** ** **** *** ** *** ***** in *** ***** ** **, ***** *** *** ***** ********* obsolete ** ********* **** **** *******.

* **** * ******* **** **** *** ****'* ***** ** useful ** *** *** * ****** **.

*** **** *** *****, ** **** *** ******* **** **/******* interfaces *** ***** ** * ****** ***, *** ***** ** are *** ***** ** ********* **** ** * *** **** basis **** ***, ** ***'* ****** **** * ** ********, not *** **** ******. ****** **** ******* ** *****.

****'* *** **'** ** * **** *******...

Thumbnail patrick hart

Patrick Hart

IPVMU Certified | 09/05/16 05:15pm

** **** ********* ************* ***** ***** ** ** ******* ***** be **** ** ****...

Undisclosed #3

In reply to Patrick Hart | 09/05/16 05:26pm

** **** ********* ************* ***** ***** ** ** ******* ***** be **** ** ****...

*** ***** ** * ********* ************ ** ******* **** **** Ethical ****** ****** ***********.

John Honovich

IPVM | In reply to Patrick Hart | 09/05/16 08:39pm

** **** ********* ************* ***** ***** ** ** *******

***, ** *** ****** ** * *** **** *** *** IP ********** ***** ******** ** *******, **** **** ******* * classes ** ************* ********* **** **** ** ************.

Login to read this IPVM report.
Why do I need to log in?
IPVM conducts unique testing and research funded by member's payments enabling us to offer the most independent, accurate and in-depth information.

Most Recent Industry Reports

July 2018 IP Networking Course on Jun 16, 2018
The last chance to save $50 on registration is this Thursday, June 21st. Register now and save. This is the only networking course designed...
The Dumb Ones: PSA's Bozeman On Cybersecurity on Jun 15, 2018
The smart ones are the hundred people who flew to Denver and spent $500+ on a 1.5-day conference featuring Dahua as a 'cyber responsible partner',...
Amazon Ring Launches $10 Monthly Professional Alarm Monitoring on Jun 15, 2018
Amazon's Ring has announced an alarm system with 24/7 professional alarm monitoring for $10 per month, a fraction of the $30+ per month traditional...
Axis Releases First New Access Controller In 5 Years (A1601) on Jun 15, 2018
It has been 5 years since Axis 2013 entry in the physical access control market, with the A1001 (IPVM test). Now, Axis has released its second...
Hikvision 12MP Fisheye Camera Tested (DS-2CD63C2F-IV) on Jun 14, 2018
Hikvision's DS-2CD63C2F-IV is their flagship panoramic camera, with a 12MP imager, 15m integrated IR, smart codec, and more. We tested the 63C2 in...
Four Major Outdoor Camera Install Problems on Jun 14, 2018
Over 140 integrators told us the top four camera installation mistakes that lead to unexpected problems and failures. Their comments often...
Security Sales Course Summer 2018 on Jun 14, 2018
Based on member's interest, IPVM is offering a security sales course this summer. Register Now - IPVM Security Sales Course Summer...
China Public Video Surveillance Guide: From Skynet to Sharp Eyes on Jun 14, 2018
China is expanding its video surveillance network to achieve “100%” nationwide coverage by 2020, including facial recognition capabilities and a...
IPVM For PR / Marketing People on Jun 13, 2018
This post helps PR and Marketing people understand and productively work with IPVM (as much as possible given our independent, often critical,...
Avigilon H4 Multi-Sensor Adds 32MP, H.265, Analytics on Jun 13, 2018
Avigilon has announced the H4 Multisensor, the successor to their repositionable multi imager line, adding features like H.265, integrated IR,...

The world's leading video surveillance information source, IPVM provides the best reporting, testing and training for 10,000+ members globally. Dedicated to independent and objective information, we uniquely refuse any and all advertisements, sponsorship and consulting from manufacturers.

About | FAQ | Contact