tcpdump mailing list archives
Re: libpcap and certificates
From: Andrej van der Zee <andrejvanderzee () gmail com>
Date: Thu, 6 Oct 2011 02:06:45 +0900
I would like to ask if somebody could point me to information on howto hook up libpcap to sniff a secure website on HTTPS. I understand I have to decrypt the packets probably using openssl, but I wonder if there is some howto to guide me. I am on the latest Ubuntu.Last I checked, tcpdump supports decrypting IPSec, but not SSL. However, Wireshark decrypts SSL. You'll need the SSL private key of the webserver to do
Yes i am aware Wireshark can do it if you provide the private key, but i need to decrypt packets in my own sniffer based on libpcap. I was hoping i am not the first and somebody could gimme some startup pointers, so that i dont have to go through the Wireshark sources... But maybe i am at the wrong place and should turn to the openssl forum instead... Cheers, Andrej- This is the tcpdump-workers list. Visit https://cod.sandelman.ca/ to unsubscribe.
Current thread:
- libpcap and certificates Andrej van der Zee (Oct 05)
- Re: libpcap and certificates Aaron Turner (Oct 05)
- Re: libpcap and certificates Andrej van der Zee (Oct 05)
- Re: libpcap and certificates Peter Volkov (Oct 05)
- Re: libpcap and certificates Geoffrey Sisson (Oct 05)
- Re: libpcap and certificates Geoffrey Sisson (Oct 05)
- Re: libpcap and certificates Andrej van der Zee (Oct 07)
- Re: libpcap and certificates Andrej van der Zee (Oct 05)
- Re: libpcap and certificates Aaron Turner (Oct 05)