network-programming protocols voip sniffing h.323

Detect H.323 by simple sniffing?

Is it possible to detect if a H.323 connection (phone call) is up by simple sniffing traffic on an adjacent node?

Solution

The most effective way seems to sniff all the TCP traffic to 1719 (RAS) and 1720 (H.225 signaling) port. You get signaling with high probability. Other ways are much harder.

Other alternative:

Check new TCP connections with TPKT traffic right from the start.
If header is good (4 bytes to check) and PDU seems reasonable size you need to decode this as H.225 signaling (ASN1) this is not so simple and relative resource consuming operation.

The worst thing you can face is H.235 security with signaling protected. Almost nothing will help you in this case ;).

I want to install the "n" package and I get an error
n <version> command does not activate specified version
Change n install location
How to install a specific version of Node on Ubuntu/Debian?
Different node version for different projects, is there a way of telling node which version to use?
Install Node.js to install n to install Node.js?
How to select the latest node.js v6 version using n?
n-install: ERROR: GNU Make not found, which is required for operation
How to downgrade Node version with n
how switch to previous version in n (Node version manager)?
Automatically use the right version of Node for a package
internal/modules/cjs/loader.js:905 -> throw err;
Why doesn't "n" downgrade my node version on a Mac?
Node version manager
n failed to install/switch node in Linux?
vue command not found on Mac
How to uninstall n and all node versions installed by n
Angular CLI on HTTPS - can't install CI as root
n (node version manager): cannot create directory
npm module n emits errors
How to update npm permanently?
Cannot change nodejs version using n
upgrade nodejs to stable version
How should I install and use multiple versions of Node on the same production machine?