Wireshark mailing list archives
Re: dissecting HTTPS traffic
From: Larry Rogers <kp4854 () outlook com>
Date: Tue, 13 Oct 2015 18:05:16 -0500
I joined thinking I could find and stop hijacker from hijacking my PCs but your emails are way over my head . Is there anything u can do for me From: hugo.van.der.kooij () qi nl To: wireshark-users () wireshark org Date: Tue, 13 Oct 2015 08:06:19 +0000 Subject: Re: [Wireshark-users] dissecting HTTPS traffic Most firewalls and proxies that do something with URLs and/or content have SSL intercept capabilities. Van: wireshark-users-bounces () wireshark org [mailto:wireshark-users-bounces () wireshark org] Namens Noam Birnbaum Verzonden: dinsdag 13 oktober 2015 01:33 Aan: Community support list for Wireshark <wireshark-users () wireshark org> Onderwerp: Re: [Wireshark-users] dissecting HTTPS traffic Curious, why wouldn't you recommend doing our own MITM attack? (And how would we do it?) On Mon, Oct 12, 2015 at 11:22 AM, Mark Semkiw <Mark.Semkiw () commtrans org> wrote: All you can really do at that point is analyze the endpoints and see if you can get any info from that. Well I guess you could setup your own man-in-the-middle attack, but I wouldn’t suggest it. Mark Semkiw, Senior Network Engineer CCNA CNSE WCNA Met vriendelijke groet / With kind regards, Hugo van der Kooij network engineer Delft - Noord-Oost - Zuid T: +31 15 888 0 345 F: +31 15 888 0 445 E: hugo.van.der.kooij () qi nl I: www.qi.nl From: <wireshark-users-bounces () wireshark org> on behalf of Noam Birnbaum Reply-To: Community support list for Wireshark Date: Friday, October 9, 2015 at 4:12 PM To: "wireshark-users () wireshark org" Subject: [Wireshark-users] dissecting HTTPS traffic Hey folks, One of our clients has recently been having their WAN bandwidth eaten up, and we've narrowed it down to one executive's computer. Now we want to dissect that computer's traffic to see what it's doing. However, much of it is HTTPS, so we can't see the content. Any suggestions on getting a useful analysis? Thanks! ___________________________________________________________________________ Sent via: Wireshark-users mailing list <wireshark-users () wireshark org> Archives: https://www.wireshark.org/lists/wireshark-users Unsubscribe: https://wireshark.org/mailman/options/wireshark-users mailto:wireshark-users-request () wireshark org?subject=unsubscribe ___________________________________________________________________________ Sent via: Wireshark-users mailing list Archives: https://www.wireshark.org/lists/wireshark-users Unsubscribe: https://wireshark.org/mailman/options/wireshark-users mailto:wireshark-users-request () wireshark org?subject=unsubscribe
___________________________________________________________________________ Sent via: Wireshark-users mailing list <wireshark-users () wireshark org> Archives: https://www.wireshark.org/lists/wireshark-users Unsubscribe: https://wireshark.org/mailman/options/wireshark-users mailto:wireshark-users-request () wireshark org?subject=unsubscribe
Current thread:
- dissecting HTTPS traffic Noam Birnbaum (Oct 09)
- Re: dissecting HTTPS traffic Patrick Klos (Oct 09)
- Re: dissecting HTTPS traffic Mark Semkiw (Oct 12)
- Re: dissecting HTTPS traffic Noam Birnbaum (Oct 12)
- Re: dissecting HTTPS traffic Hugo van der Kooij (Oct 13)
- Re: dissecting HTTPS traffic Larry Rogers (Oct 13)
- Re: dissecting HTTPS traffic Mark Semkiw (Oct 13)
- Re: dissecting HTTPS traffic Noam Birnbaum (Oct 13)
- Re: dissecting HTTPS traffic Mark Semkiw (Oct 14)
- Re: dissecting HTTPS traffic gedropi (Oct 14)
- Re: dissecting HTTPS traffic Mark Semkiw (Oct 14)
- Re: dissecting HTTPS traffic miro . rovis (Oct 15)
- Re: dissecting HTTPS traffic Noam Birnbaum (Oct 12)
- Re: dissecting HTTPS traffic frnkblk (Oct 20)