Gary Marshall writes about how the UK Government plans to pour billions of pounds (as if they weren’t wasting enough money already) into recording all of our telephone calls. Well, funnily enough, I want to do the same thing… and it turns out to be remarkably easy – at least it is if you’re using a VoIP phone.
First of all, I should point out that, depending on where you live, it might be illegal to record phone calls without consent. In my case, I recorded a call from my desk phone to the voicemail on my mobile phone. As I was both the caller and the receiver I think it’s safe to say that there was consent – even if it does sound a bit mad. This was a proof of concept – the real usage case I have in mind is for the Coalface Tech podcasts, as last time James and I tried to record one over Skype there was just too much lag (and interference… although that might have been a local problem). Using the Cisco 7940 on my desk in the UK in to call a landline in Oz via my Sipgate account shouldn’t be too bad (and won’t cost too much either). What follows is a recipe for recording the call.
- Wireshark (see last week’s post on using Wireshark for basic packet capture and analysis).
- 10 Base-T Ethernet hub (e.g. Netgear EN108)*.
- SIP Phone (e.g. Cisco 7940 with SIP Firmware).
- VoIP connectivity (via IP-PBX or Internet telephone service provider)
* If a softphone were used on the same computer as the packet capture, then it should be possible to capture the network traffic without needing to use a hub.
- Install and configure Wireshark.
- Ensure that the computer being used for packet capture can see the phone traffic (i.e. that they are both connected to the hub – not a switch, unless port spanning or a tap are in use).
- Using Wireshark, start capturing traffic on the appropriate interface.
- Once the call(s) to be captured have been made, end the capture.
- In Wireshark, select VoIP calls from the Statistics menu – details of all captured calls should be listed:
- At this point, it’s also possible to graph the traffic and also to play back the call (once decoded) – either one or both streams of the conversation:
- That’s enough to play back the call but to record it a different approach is required. Return to the list of captured packets and select the first RTP packet in a conversation.
- From the Statistics menu, select RTP and then Stream Analysis… This will show the packets in either direction:
- Click the Save payload… button to save to file – .au format with both streams is probably most useful:
- The .au format is generally used for UNIX-generated sound files and can be played in Windows Media Player (see Microsoft knowledge base article 316992). Alternatively convert it to another format using whatever tools are appropriate (I used Switch on a Mac to convert from .AU to .MP3).
I’m not sharing the full packet capture for security reasons but I have made the MP3 version of the RTP recording available.
Recording VoIP calls seems remarkably simple – given sufficient access to the network. Implementing IPSec should prevent such packet sniffing on the local network but, once a VoIP call is out on the ‘net, who knows who might be listening?
Whilst researching for this post, I found the following very useful: