[PLUG] tcpdump whiz?

Atom Powers atom.powers at gmail.com
Fri Feb 26 00:18:34 UTC 2016


Shameless Promotion Alert:

The best person I know to answer that is Mike Pennacchi, who is teaching
"Deep Packet Inspection" at CasITConf next month.
http://casitconf.org/casitconf16/tutorials/

On Thu, Feb 25, 2016 at 4:11 PM Michael Rasmussen <michael at jamhome.us>
wrote:

> I have a group of systems that I need to monitor for use of approved SSL
> cipher suites.
> Wireshark is not available on them. tcpdump is the tool I need to use.
>
> Do you know, or know someone who would know, how to construct a tcpdump
> filter that matches
> only packets for the SSL handshake?
>
> Due to the volume of traffic on the systems I cannot capture everything
> and filter later.
>
> The most useful hint found so far is at:
>
> http://serverfault.com/questions/574405/tcpdump-server-hello-certificate-filter
>
>
>
> --
>       Michael Rasmussen, Portland Oregon
>     Be Appropriate && Follow Your Curiosity
> People play badly for various reasons; the most common one is failure
> to judge what they currently produce as inadequate.
>     ~ Tony Pay (on a Clarinet discussion list)
-- 
Perfection is just a word I use occasionally with mustard.
--Atom Powers--
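
A filter of the kind the quoted question asks for, as an added example that is not part of the original thread: it builds a tcpdump expression matching only TLS handshake records, so nothing else has to be captured. The function names, the port argument, and the interface and output-file parameters are assumptions made for illustration.

```shell
#!/bin/sh
# Added example (not from the thread). Function names are hypothetical.

# Offset of the TCP payload: the high nibble of TCP byte 12 is the header
# length in 32-bit words, so (byte & 0xf0) >> 2 gives it in bytes.
PAYLOAD='((tcp[12:1] & 0xf0) >> 2)'

# tls_filter PORT [KIND]   KIND: any (default) | client | server
# Prints a pcap filter expression on stdout.
tls_filter() {
    port=$1
    kind=${2:-any}
    # First payload byte 0x16 = TLS record content type "handshake".
    f="tcp port ${port} and (tcp[${PAYLOAD}:1] = 0x16)"
    case "$kind" in
        any)    ;;
        # Payload byte 5 (after the 5-byte record header) is the
        # handshake message type: 0x01 ClientHello, 0x02 ServerHello.
        client) f="${f} and (tcp[${PAYLOAD}+5:1] = 0x01)" ;;
        server) f="${f} and (tcp[${PAYLOAD}+5:1] = 0x02)" ;;
        *)      echo "unknown kind: $kind" >&2; return 2 ;;
    esac
    printf '%s\n' "$f"
}

# capture_handshakes IFACE PORT OUTFILE
# Needs root; defined here but not run when the file is sourced.
capture_handshakes() {
    # -s 0 keeps whole packets so the offered cipher-suite list is not cut.
    tcpdump -n -i "$1" -s 0 -w "$3" "$(tls_filter "$2" any)"
}

# Limits to keep in mind:
#  - tcp[...] byte indexing in pcap filters applies to IPv4 only.
#  - Only records that start at the first byte of a TCP segment match;
#    a handshake record beginning mid-segment is missed.
#  - The ServerHello carries the cipher suite actually selected, so
#    "server" is the narrowest capture for checking what was negotiated.
```

To check negotiated suites on a host, `capture_handshakes eth0 443 hs.pcap` writes a small capture that can be copied off and opened in Wireshark elsewhere.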


