Wireshark-users: Re: [Wireshark-users] The SSL tcp stream decoding in Users' Manual?
Date: Sat, 26 Sep 2015 17:39:18 +0200
On 150923-14:08-0400, Jeff Morriss wrote:
> On 09/23/15 12:33, miro.rovis@xxxxxxxxxxxxxxxxx wrote:
> >On 150923-13:17+0200, miro.rovis@xxxxxxxxxxxxxxxxx wrote:
...
> >>https://www.wireshark.org/docs/wsug_html/
> >>
...
> >>Follow SSL Stream | Same functionality as “Follow TCP Stream” but for
> >>SSL streams. XXX - how to provide the SSL keys?
> >>
> >>Will there be that, in those docs, or is it in some other docs, and where in
> >>the world of the [F]ree [O]pen [S]ource [S]oftware, to which the
> >>Wireshark program belongs...
...
> So you just want to decrypt the SSL [so you can eventually follow the
> decrypted stream], right?  The wiki's got good documentation on how to do
> that:
> 
> https://wiki.wireshark.org/SSL

I made it, as I give a hint here (and I won't forget my promiss to try
and find a way to explain hoe to do it to newbies, just give me time)...

I made it, as I give a hint here:

TLS (SSL) tcp stream decoding in your traffic dumps?
https://forums.gentoo.org/viewtopic-t-1029408.html#7819968
(a post in the already linked topic on Gentoo Forums)

and I believe it is unlikely that I wouldn't be able to do it from now
on most any online (the above was on my SOHO, on my Apache https)
connection... Although it will, I know it will be complex...

My thanks to Jeff Morris, and my thanks and recommendation for the SANS
traning who gave us this fine (apparently new; or is it that the PDF
link in bottom is regenerated periodically?) topic on Wireshark Wiki!

Regards!
-- 
Miroslav Rovis
Zagreb, Croatia
http://www.CroatiaFidelis.hr

Attachment: signature.asc
Description: PGP signature