rtpBreak detects, reconstructs and analyzes any RTP [rfc1889] session through heuristics over the UDP network traffic. It works well with SIP, H.323, SCCP and any other signaling protocol. In particular, it doesn’t require the presence of RTCP packets (voipong needs them) that aren’t always transmitted from the recent VoIP clients.
The RTP sessions are composed by an ordered sequence of RTP packets. Those packets transport the Real Time data using the UDP transport protocol.
The RTP packets must respect some well defined rules in order to be considered valid, this characteristic allows to define a pattern on the single packet that is used to discriminate the captured network traffic from packets that can be
RTP and those that securely are not.
You can download rtpBreak here: