>>>>> "Rick" == Rick Jones <rick.jon...@hp.com> writes:
Rick> Is there a version of tcpdump in the works which will decode
Rick> the unecrypted
Rick> portions of an SSL/TLS session? Or do I need to look
Rick> elsewhere?
Yes/no.
You have, in general, to do TCP reassembly as TLS blocks might span TCP
segments.
Fortunately, you can use: http://www.rtfm.com/ssldump/
to do exactly that.
It takes pcap files. It even decrypts if you give it the keys.
--
] He who is tired of Weird Al is tired of life! | firewalls [
] Michael Richardson, Sandelman Software Works, Ottawa, ON |net architect[
] m...@sandelman.ottawa.on.ca http://www.sandelman.ottawa.on.ca/ |device driver[
Kyoto Plus: watch the video <http://www.youtube.com/watch?v=kzx1ycLXQSE>
then sign the petition.
_______________________________________________
tcpdump-workers mailing list
tcpdump-workers@lists.tcpdump.org
https://lists.sandelman.ca/mailman/listinfo/tcpdump-workers
