Ethereal-users: Re: [Ethereal-users] Seeing the data sent through ssl comunication

Note: This archive is from the project's previous web site, ethereal.com. This list is no longer active.

Date Index Thread Index Other Months All Mailing Lists
Date Prev Date Next Thread Prev Thread Next
From: Hansang Bae <hbae@xxxxxxxxxx>
Date: Mon, 09 Aug 2004 23:59:16 -0400
>From: Hansang Bae
>| 1)  Use a proxy so you can sniff from there.  Since you control the
>proxy, you can decrypt the packets.

On 03:38 PM 8/9/2004, Olivier Biot wrote:
>That won't work as most HTTP proxies behave as dumb data pipes for
>encrypted HTTP (HTTPS). Typically the client issues a CONNECT request,
>which requests a TCP connection from the proxy to the host:port
>specified in the URI of the CONNECT request. When the TCP connection
>has successfully been established, the proxy issues a 200 OK response
>to the client, and then the client can start *any* protocol over this
>TCP stream. One (and the most relevant) use is setting up a TLS, SSL
>or PCT tunnel between client and server (over the proxy). The proxy
>does *not* play a role in this setup but for passing data as a "dumb"
>bit pipe. It is up to the client/server to use the correct encryption.
>Typically the client can only encrypt the traffic as the server is the
>only one to know the decryption key.


I didn't mean a "run of the mill" proxy.  I meant man-in-the-middle type.  There are proxy-like programs that can do this.  Grinder may or may not do what the original user requested.  

hsb