Wireshark-users: Re: [Wireshark-users] dissecting HTTPS traffic

Date Prev · Date Next · Thread Prev · Thread Next
Date Index · Thread Index · Other Months · All Mailing Lists
From: Larry Rogers <kp4854@xxxxxxxxxxx>
Date: Tue, 13 Oct 2015 18:05:16 -0500
I joined thinking I could find and stop hijacker from hijacking my PCs  but your emails are way over my head . Is there anything u can do for me
 
From: hugo.van.der.kooij@xxxxx
To: wireshark-users@xxxxxxxxxxxxx
Date: Tue, 13 Oct 2015 08:06:19 +0000
Subject: Re: [Wireshark-users] dissecting HTTPS traffic

Most firewalls and proxies that do something with URLs and/or content have SSL intercept capabilities.

 

 

Van: wireshark-users-bounces@xxxxxxxxxxxxx [mailto:wireshark-users-bounces@xxxxxxxxxxxxx] Namens Noam Birnbaum
Verzonden: dinsdag 13 oktober 2015 01:33
Aan: Community support list for Wireshark <wireshark-users@xxxxxxxxxxxxx>
Onderwerp: Re: [Wireshark-users] dissecting HTTPS traffic

 

Curious, why wouldn't you recommend doing our own MITM attack? (And how would we do it?)

 

On Mon, Oct 12, 2015 at 11:22 AM, Mark Semkiw <Mark.Semkiw@xxxxxxxxxxxxx> wrote:

All you can really do at that point is analyze the endpoints and see if you can get any info from that.  Well I guess you could setup your own man-in-the-middle attack, but I wouldn’t suggest it.

 

Mark Semkiw, Senior Network Engineer

 

CCNA  CNSE  WCNA

 

 



Met vriendelijke groet / With kind regards,
Hugo van der Kooij
network engineer



Delft - Noord-Oost - Zuid


T: +31 15 888 0 345  F: +31 15 888 0 445
E: hugo.van.der.kooij@xxxxx  I:  www.qi.nl



From: <wireshark-users-bounces@xxxxxxxxxxxxx> on behalf of Noam Birnbaum
Reply-To: Community support list for Wireshark
Date: Friday, October 9, 2015 at 4:12 PM
To: "wireshark-users@xxxxxxxxxxxxx"
Subject: [Wireshark-users] dissecting HTTPS traffic

 

Hey folks,

 

One of our clients has recently been having their WAN bandwidth eaten up, and we've narrowed it down to one executive's computer.

 

Now we want to dissect that computer's traffic to see what it's doing. However, much of it is HTTPS, so we can't see the content. Any suggestions on getting a useful analysis?

 

Thanks!


___________________________________________________________________________
Sent via:    Wireshark-users mailing list <wireshark-users@xxxxxxxxxxxxx>
Archives:    https://www.wireshark.org/lists/wireshark-users
Unsubscribe: https://wireshark.org/mailman/options/wireshark-users
             mailto:wireshark-users-request@xxxxxxxxxxxxx?subject=unsubscribe

 




___________________________________________________________________________ Sent via: Wireshark-users mailing list Archives: https://www.wireshark.org/lists/wireshark-users Unsubscribe: https://wireshark.org/mailman/options/wireshark-users mailto:wireshark-users-request@xxxxxxxxxxxxx?subject=unsubscribe