[PLUG] tcpdump whiz?
Michael Rasmussen
michael at jamhome.us
Fri Feb 26 00:27:24 UTC 2016
On Thu, Feb 25, 2016 at 04:24:34PM -0800, Ishak Micheil wrote:
> Jim Hassing knows.
No he doesn't. We've already chatted about it.
For those of you scratching your heads over that exchange, Jim, Ishak, and I
share a common employer.
> On Feb 25, 2016 16:11, "Michael Rasmussen" <michael at jamhome.us> wrote:
>
> > I have a group of systems that I need to monitor for use of approved SSL
> > cipher suites.
> > Wireshark is not available on them. tcpdump is the tool I need to use.
> >
> > Do you know, or know someone who would know, how to contruct a tcpdump
> > filter that matches
> > only packets for the SSL handshake?
> >
> > Due to the volume of traffic on the systems I cannot capture everything
> > and filter later.
> >
> > The most useful hint found so far is at:
> >
> > http://serverfault.com/questions/574405/tcpdump-server-hello-certificate-filter
> >
> >
> >
> > --
> > Michael Rasmussen, Portland Oregon
> > Be Appropriate && Follow Your Curiosity
> > People play badly for various reasons; the most common one is failure
> > to judge what they currently produce as inadequate.
> > ~ Tony Pay (on a Clarinet discussion list)
> > _______________________________________________
> > PLUG mailing list
> > PLUG at lists.pdxlinux.org
> > http://lists.pdxlinux.org/mailman/listinfo/plug
> >
> _______________________________________________
> PLUG mailing list
> PLUG at lists.pdxlinux.org
> http://lists.pdxlinux.org/mailman/listinfo/plug
>
--
Michael Rasmussen, Portland Oregon
Be Appropriate && Follow Your Curiosity
Too often we enjoy the comfort of opinion without the discomfort of thought.
~ John F. Kennedy
More information about the PLUG
mailing list