How to Identify SRTP Protocol on Wireshark

Written by Chad Anderson

Secure Real-time Transport Protocol (SRTP) is an extension of the Real-time Transport Protocol (RTP) that provides a standardised way to send audio and video packets over Internet Protocol (IP) networks. SRTP acts as a wrapper around RTP and encrypts the RTP traffic to hide the information from monitors. Using the packet sniffer Wireshark, systems administrators can quickly identify RTP and SRTP streams. Wireshark lets administrators view packets passing over their network in real time for data aggregation and troubleshooting.

Skill level:
Moderately Easy


  1. Launch Wireshark on the device you are going to use for monitoring. Click "Show the Capture Options" in the Wireshark toolbar.

  2. Select the network interface you want to monitor from the "Interface" drop-down list, then click the "Start" button.

  3. Click the "Expression" button in the toolbar. Scroll down the "Field" section to the "RTP" field.

  4. Click "RTP" to select filtering, click "Is Present" under the "Relation" column, then click "OK" to add the filtering rule. Now only RTP and SRTP packets will be displayed.
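
The single RTP filter in step 4 covers both protocols because SRTP (RFC 3711) leaves the 12-byte RTP header (RFC 3550) in cleartext and encrypts only the payload. The Python sketch below is an added example, not part of the original article; the function name `parse_rtp_header` is hypothetical and the packet bytes are constructed sample data.

```python
import struct

FIXED_HEADER_LEN = 12


def parse_rtp_header(datagram: bytes):
    """Parse the RTP fixed header (RFC 3550, section 5.1) from a UDP payload.
    Returns a dict of fields, or None if the bytes cannot be RTP/SRTP."""
    if len(datagram) < FIXED_HEADER_LEN:
        return None
    b0, b1, seq, ts, ssrc = struct.unpack("!BBHII", datagram[:FIXED_HEADER_LEN])
    if b0 >> 6 != 2:  # the version field must be 2
        return None
    payload_type = b1 & 0x7F
    # RFC 5761: payload types 64-95 collide with RTCP packet types when
    # RTP and RTCP share a port, so treat them as "not RTP" here.
    if 64 <= payload_type <= 95:
        return None
    csrc_count = b0 & 0x0F
    header_len = FIXED_HEADER_LEN + 4 * csrc_count
    if b0 & 0x10:  # extension bit: a 4-byte extension header follows the CSRCs
        if len(datagram) < header_len + 4:
            return None
        ext_words = struct.unpack("!H", datagram[header_len + 2:header_len + 4])[0]
        header_len += 4 + 4 * ext_words
    if len(datagram) < header_len:
        return None
    return {
        "payload_type": payload_type,
        "marker": bool(b1 & 0x80),
        "sequence": seq,
        "timestamp": ts,
        "ssrc": ssrc,
        "payload": datagram[header_len:],
    }


# Constructed sample data: the same header in front of a plain payload (RTP)
# and in front of ciphertext plus a 10-byte authentication tag (SRTP).
HEADER = struct.pack("!BBHII", 0x80, 0, 4660, 160, 0x11223344)
RTP_PACKET = HEADER + b"\xff" * 160
SRTP_PACKET = HEADER + bytes(range(160)) + b"\xaa" * 10

if __name__ == "__main__":
    for name, pkt in (("RTP", RTP_PACKET), ("SRTP", SRTP_PACKET)):
        hdr = parse_rtp_header(pkt)
        print(name, hdr["payload_type"], hdr["sequence"], len(hdr["payload"]))
```

Both packets yield identical header fields; only the payload differs, which is why the header alone does not tell you whether a stream is encrypted.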
