Live signalling capture by tbsigtrace
From TBwiki
(Difference between revisions)
Nicole Tan (Talk | contribs) |
Line 7: | Line 7: | ||
Download plink - http://the.earth.li/~sgtatham/putty/latest/x86/plink.exe | Download plink - http://the.earth.li/~sgtatham/putty/latest/x86/plink.exe | ||
Place it in C:\Program Files\Putty directory | Place it in C:\Program Files\Putty directory | ||
+ | |||
==== Download tbsigtrace version 2.7 ==== | ==== Download tbsigtrace version 2.7 ==== | ||
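Review bot: The plink download link in the context lines of this hunk is plain http:// and the step gives no way to verify the binary, which matters because the same plink.exe is later handed the root password of the unit. Since this section is being touched anyway, consider adding a sentence telling the reader to verify the downloaded file before placing it in C:\Program Files\Putty. The added blank line itself is fine.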
Line 21: | Line 22: | ||
|} | |} | ||
'''Note:''' Unzip the file so that it gives you the executable file tbsigtrace_2_7_10_centos or tbsigtrace_2_7_10_ppc. | '''Note:''' Unzip the file so that it gives you the executable file tbsigtrace_2_7_10_centos or tbsigtrace_2_7_10_ppc. | ||
+ | |||
==== Upload tbsigtrace to toolpack server ==== | ==== Upload tbsigtrace to toolpack server ==== | ||
Rename tbsigtrace_2_7_10_centos or tbsigtrace_2_7_10_ppc to "tbsigtrace_2_7_10" and upload it to the toolpack server /root directory or any other valid directory. | Rename tbsigtrace_2_7_10_centos or tbsigtrace_2_7_10_ppc to "tbsigtrace_2_7_10" and upload it to the toolpack server /root directory or any other valid directory. | ||
+ | |||
==== Execute the command to capture the signalling accordingly ==== | ==== Execute the command to capture the signalling accordingly ==== | ||
Line 35: | Line 38: | ||
For ISDN capbure | For ISDN capbure | ||
− | plink.exe -ssh root@[IP_of_management_port] -P [ssh_port] -pw [ssh_password] [dir]/tbsigtrace_2_7_10 -stdout -isdn | "C:\Program Files\Wireshark\wireshark.exe" -k -i - | + | plink.exe -ssh root@[IP_of_management_port] -P [ssh_port] -pw [ssh_password] [dir]/tbsigtrace_2_7_10 -stdout -isdn | "C:\Program Files\Wireshark\wireshark.exe" -k -i - ex. plink.exe -ssh root@10.10.10.10 -P 22 -pw mypassword /root/tbsigtrace_2_7_10 -stdout -isdn | "C:\Program Files\Wireshark\wireshark.exe" -k -i - |
− | + | ||
− | ex. | + | |
− | plink.exe -ssh root@10.10.10.10 -P 22 -pw mypassword /root/tbsigtrace_2_7_10 -stdout -isdn | "C:\Program Files\Wireshark\wireshark.exe" -k -i - | + | |
For SIP or SIGTRAN capbure | For SIP or SIGTRAN capbure | ||
− | plink.exe -ssh root@[IP_of_management_port] -P [ssh_port] -pw [ssh_password] [dir]/tbsigtrace_2_7_10 -stdout -ip | "C:\Program Files\Wireshark\wireshark.exe" -k -i - | + | plink.exe -ssh root@[IP_of_management_port] -P [ssh_port] -pw [ssh_password] [dir]/tbsigtrace_2_7_10 -stdout -ip | "C:\Program Files\Wireshark\wireshark.exe" -k -i -ex. plink.exe -ssh root@10.10.10.10 -P 22 -pw mypassword /root/tbsigtrace_2_7_10 -stdout -ip | "C:\Program Files\Wireshark\wireshark.exe" -k -i - |
− | + | ||
− | ex. | + | |
− | plink.exe -ssh root@10.10.10.10 -P 22 -pw mypassword /root/tbsigtrace_2_7_10 -stdout -ip | "C:\Program Files\Wireshark\wireshark.exe" -k -i - | + |
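Review bot: In the new SIP/SIGTRAN line the template command now ends in "-i -ex." with no space before "ex.", so Wireshark's stdin argument and the example label are fused, and in both changed lines the template and the worked example now sit on one line, so a copy-paste picks up two commands at once. Put "ex." and the example command back on their own lines, as in the previous revision. While here, the headings in the context lines still read "capbure" (should be "capture"), and every command passes the root password with -pw on the command line, which deserves a sentence for the reader.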
Revision as of 14:12, 13 November 2012
You can now run tbsigtrace and pipe its output directly into Wireshark through SSH to get a live capture of SS7, ISDN or IP signalling (not all in the same Wireshark window). The procedure is as follows:
Download plink
Download plink - http://the.earth.li/~sgtatham/putty/latest/x86/plink.exe
Place it in C:\Program Files\Putty directory
Download tbsigtrace version 2.7
If not using version 2.7, download the attached tbsigtrace onto the unit (/root directory or any other valid directory).
CentOS version | ppc version |
---|---|
Note: Unzip the file so that it gives you the executable file tbsigtrace_2_7_10_centos or tbsigtrace_2_7_10_ppc.
Upload tbsigtrace to toolpack server
Rename tbsigtrace_2_7_10_centos or tbsigtrace_2_7_10_ppc to "tbsigtrace_2_7_10" and upload it to the toolpack server /root directory or any other valid directory.
Execute the command to capture the signalling accordingly
For SS7 capture
plink.exe -ssh root@[IP_of_management_port] -P [ssh_port] -pw [ssh_password] [dir]/tbsigtrace_2_7_10 -stdout -ss7 | "C:\Program Files\Wireshark\wireshark.exe" -k -i -
ex.
plink.exe -ssh root@10.10.10.10 -P 22 -pw mypassword /root/tbsigtrace_2_7_10 -stdout -ss7 | "C:\Program Files\Wireshark\wireshark.exe" -k -i -
For ISDN capture
plink.exe -ssh root@[IP_of_management_port] -P [ssh_port] -pw [ssh_password] [dir]/tbsigtrace_2_7_10 -stdout -isdn | "C:\Program Files\Wireshark\wireshark.exe" -k -i -
ex.
plink.exe -ssh root@10.10.10.10 -P 22 -pw mypassword /root/tbsigtrace_2_7_10 -stdout -isdn | "C:\Program Files\Wireshark\wireshark.exe" -k -i -
For SIP or SIGTRAN capture
plink.exe -ssh root@[IP_of_management_port] -P [ssh_port] -pw [ssh_password] [dir]/tbsigtrace_2_7_10 -stdout -ip | "C:\Program Files\Wireshark\wireshark.exe" -k -i -
ex.
plink.exe -ssh root@10.10.10.10 -P 22 -pw mypassword /root/tbsigtrace_2_7_10 -stdout -ip | "C:\Program Files\Wireshark\wireshark.exe" -k -i -
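The three commands above differ only in the last tbsigtrace switch and all put the root password on the command line with -pw, where it is visible in the process list and in shell history. The batch wrapper below is an added example, not part of the original wiki page or of the tbsigtrace distribution: it selects the switch from an argument and uses plink's -i (private key), -hostkey (pinned server key) and -batch (no interactive prompts) options instead of -pw. It assumes key-based SSH login has been set up for root on the toolpack server; the file name capture.bat, the key path and the fingerprint value are placeholders.

```batch
@echo off
setlocal
rem capture.bat (hypothetical name) - usage: capture.bat host ssh_port ss7^|isdn^|ip
rem Added example. Assumes key-based SSH login is enabled on the toolpack server.

rem Paths taken from the page.
set "PLINK=C:\Program Files\Putty\plink.exe"
set "WIRESHARK=C:\Program Files\Wireshark\wireshark.exe"
set "TRACE=/root/tbsigtrace_2_7_10"

rem Placeholders (assumptions): your PuTTY private key and the unit's SSH host key fingerprint.
set "KEYFILE=%USERPROFILE%\toolpack.ppk"
set "HOSTKEY=REPLACE_WITH_HOST_KEY_FINGERPRINT"

if "%~3"=="" (
  echo Usage: %~nx0 host ssh_port ss7^|isdn^|ip
  exit /b 1
)

rem Accept only the three capture modes documented on the page.
set "PROTO="
for %%p in (ss7 isdn ip) do if /i "%~3"=="%%p" set "PROTO=-%%p"
if not defined PROTO (
  echo Unknown protocol "%~3" - expected ss7, isdn or ip
  exit /b 1
)

if not exist "%KEYFILE%" (
  echo Private key not found: %KEYFILE%
  exit /b 1
)

rem -batch makes plink fail instead of prompting, so an unexpected host key
rem or a rejected key aborts the capture rather than hanging the pipe.
"%PLINK%" -ssh -batch -P %~2 -i "%KEYFILE%" -hostkey "%HOSTKEY%" root@%~1 %TRACE% -stdout %PROTO% | "%WIRESHARK%" -k -i -
```

Run it from cmd.exe rather than PowerShell, for example `capture.bat 10.10.10.10 22 isdn`; Windows PowerShell treats data piped between native programs as text and would corrupt the capture stream.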