Wireshark VoIP Challenge

Knock off those network analysis cobwebs by downloading the file below and taking part in the Wireshark VoIP challenge. This a a short capture but a tricky one.

Wireshark PCAP File

MD5 Hash: 139b7dfea64ee097a4a415ba320cc5b6

The Challenge

I’m currently putting together a new VoIP class and came across a nasty little Linux program that can manipulate VoIP instruments to a humorous degree. In the pcap provided, there are a number of VoIP devices. The file contains two VoIP communications transactions. During the course of all those packets flying around, one of these packets/devices/transactions is not as it appears to be.

For some structure, determine what is happening during the capture, what does not seem right, and what caused the anomalous behavior. Also, pinpoint exactly where in the capture the problem lies. If you have questions about the network in general, I will provide as much information as you might get from an administrator on site. Good luck!

Scroll Down for a Hint After You’ve Looked at the Capture











There are two phones calls. One failed to completely set up and the other was successful. Why did the first one fail? Is it just the case of two lonely phones not being able to reconcile their differences or is something more sinister at play? If so, how do you know?

The Answer

Come back next week for the full answer.

Leave a Comment

Your email address will not be published. Required fields are marked *

Scroll to Top