tcpdump mailing list archives
Re: libpcap and certificates
From: Aaron Turner <synfinatic () gmail com>
Date: Wed, 5 Oct 2011 09:33:13 -0700
On Wed, Oct 5, 2011 at 4:15 AM, Andrej van der Zee <andrejvanderzee () gmail com> wrote:
Hi, I would like to ask if somebody could point me to information on howto hook up libpcap to sniff a secure website on HTTPS. I understand I have to decrypt the packets probably using openssl, but I wonder if there is some howto to guide me. I am on the latest Ubuntu.
Last I checked, tcpdump supports decrypting IPSec, but not SSL. However, Wireshark decrypts SSL. You'll need the SSL private key of the webserver to do it. -- Aaron Turner http://synfin.net/ Twitter: @synfinatic http://tcpreplay.synfin.net/ - Pcap editing and replay tools for Unix & Windows Those who would give up essential Liberty, to purchase a little temporary Safety, deserve neither Liberty nor Safety. -- Benjamin Franklin "carpe diem quam minimum credula postero" - This is the tcpdump-workers list. Visit https://cod.sandelman.ca/ to unsubscribe.
Current thread:
- libpcap and certificates Andrej van der Zee (Oct 05)
- Re: libpcap and certificates Aaron Turner (Oct 05)
- Re: libpcap and certificates Andrej van der Zee (Oct 05)
- Re: libpcap and certificates Peter Volkov (Oct 05)
- Re: libpcap and certificates Geoffrey Sisson (Oct 05)
- Re: libpcap and certificates Geoffrey Sisson (Oct 05)
- Re: libpcap and certificates Andrej van der Zee (Oct 07)
- Re: libpcap and certificates Andrej van der Zee (Oct 05)
- Re: libpcap and certificates Aaron Turner (Oct 05)