Re: [PLUG] proxy.pac

2016-02-25 Thread David
On 02/25/2016 08:25 PM, Robert Citek wrote: > On Thu, Feb 25, 2016 at 7:04 PM, Louis Kowolowski > wrote: >> I don’t know if browsers support a local file for a proxy.pac or not. That >> would be the first thing I would investigate. > > That's what I was not (and still

Re: [PLUG] proxy.pac

2016-02-25 Thread Robert Citek
On Thu, Feb 25, 2016 at 7:04 PM, Louis Kowolowski wrote: > I don’t know if browsers support a local file for a proxy.pac or not. That > would be the first thing I would investigate. That's what I was not (and still am not) sure of. However, the site that I originally

Re: [PLUG] tcpdump whiz?

2016-02-25 Thread Michael Rasmussen
I may be able to wrangle an agreement to install ssldump. Life will be easier if I can get it done with tcpdump. The goal is to capture the SSL handshake packets and then check for which devices are not using approved cipher suites. A make my life really easy solution would spit out the IP

Re: [PLUG] tcpdump whiz?

2016-02-25 Thread Martin A. Brown
Hi there, >I have a group of systems that I need to monitor for use of >approved SSL cipher suites. Wireshark is not available on them. >tcpdump is the tool I need to use. >Do you know, or know someone who would know, how to contruct a >tcpdump filter that matches only packets for the SSL

Re: [PLUG] proxy.pac

2016-02-25 Thread Louis Kowolowski
I don’t know if browsers support a local file for a proxy.pac or not. That would be the first thing I would investigate. > On Feb 25, 2016, at 8:48 PM, Robert Citek wrote: > > On Thu, Feb 25, 2016 at 1:14 AM, Louis Kowolowski > wrote: >> I’m

Re: [PLUG] proxy.pac

2016-02-25 Thread Robert Citek
On Thu, Feb 25, 2016 at 1:14 AM, Louis Kowolowski wrote: > I’m making some assumptions here, and if they’re not true, you can either > correct me, or if the functionality i describe is what you want, take a look > at

Re: [PLUG] tcpdump whiz?

2016-02-25 Thread Louis Kowolowski
From the link you posted: tcpdump -i any -s 1500 (tcp[((tcp[12:1] & 0xf0) >> 2)+5:1] = 0x01) and (tcp[((tcp[12:1] & 0xf0) >> 2):1] = 0x16) This captures the SSL handshake (0x16), and the hello (0x01). Seems reasonable that you could delete the expression for hello and end up with: tcpdump -i

Re: [PLUG] tcpdump whiz?

2016-02-25 Thread Michael Rasmussen
On Thu, Feb 25, 2016 at 04:24:34PM -0800, Ishak Micheil wrote: > Jim Hassing knows. No he doesn't. We've already chatted about it. For those of you scratching your heads over that exchange, Jim, Ishak, and I share a common employer. > On Feb 25, 2016 16:11, "Michael Rasmussen"

Re: [PLUG] proxy.pac

2016-02-25 Thread Louis Kowolowski
I’m making some assumptions here, and if they’re not true, you can either correct me, or if the functionality i describe is what you want, take a look at https://www.cryptomonkeys.com/2014/07/automatic-http-proxy/ where I detail how to set this up. Presumably you have: a) a web server that is