On 02/25/2016 08:25 PM, Robert Citek wrote:
> On Thu, Feb 25, 2016 at 7:04 PM, Louis Kowolowski
> wrote:
>> I don’t know if browsers support a local file for a proxy.pac or not. That
>> would be the first thing I would investigate.
>
> That's what I was not (and still
On Thu, Feb 25, 2016 at 7:04 PM, Louis Kowolowski
wrote:
> I don’t know if browsers support a local file for a proxy.pac or not. That
> would be the first thing I would investigate.
That's what I was not (and still am not) sure of. However, the site
that I originally
I may be able to wrangle an agreement to install ssldump.
Life will be easier if I can get it done with tcpdump.
The goal is to capture the SSL handshake packets and then
check for which devices are not using approved cipher suites.
A make my life really easy solution would spit out the IP
Hi there,
>I have a group of systems that I need to monitor for use of
>approved SSL cipher suites. Wireshark is not available on them.
>tcpdump is the tool I need to use.
>Do you know, or know someone who would know, how to contruct a
>tcpdump filter that matches only packets for the SSL
I don’t know if browsers support a local file for a proxy.pac or not. That
would be the first thing I would investigate.
> On Feb 25, 2016, at 8:48 PM, Robert Citek wrote:
>
> On Thu, Feb 25, 2016 at 1:14 AM, Louis Kowolowski
> wrote:
>> I’m
On Thu, Feb 25, 2016 at 1:14 AM, Louis Kowolowski
wrote:
> I’m making some assumptions here, and if they’re not true, you can either
> correct me, or if the functionality i describe is what you want, take a look
> at
From the link you posted:
tcpdump -i any -s 1500 (tcp[((tcp[12:1] & 0xf0) >> 2)+5:1] = 0x01) and
(tcp[((tcp[12:1] & 0xf0) >> 2):1] = 0x16)
This captures the SSL handshake (0x16), and the hello (0x01). Seems reasonable
that you could delete the expression for hello and end up with:
tcpdump -i
On Thu, Feb 25, 2016 at 04:24:34PM -0800, Ishak Micheil wrote:
> Jim Hassing knows.
No he doesn't. We've already chatted about it.
For those of you scratching your heads over that exchange, Jim, Ishak, and I
share a common employer.
> On Feb 25, 2016 16:11, "Michael Rasmussen"
I’m making some assumptions here, and if they’re not true, you can either
correct me, or if the functionality i describe is what you want, take a look at
https://www.cryptomonkeys.com/2014/07/automatic-http-proxy/ where I detail how
to set this up.
Presumably you have:
a) a web server that is