[PLUG] Wordpress implementer
Scott Howard
SHoward at k-hlaw.com
Fri Feb 26 14:07:23 UTC 2016
The website is designed. I need someone at an hourlr rate to help me implement the design. Feel free to respond directly to me. All leads are apprecuated.
Scott Howard
Kivel & Howard LLP
P. O. Box 40044
Portland, Oregon 97240
Telephone 503.796.0909
Fax 503.802.4757
-------- Original message --------
From: plug-request at lists.pdxlinux.org
Date: 02/25/2016 7:38 PM (GMT-08:00)
To: plug at lists.pdxlinux.org
Subject: PLUG Digest, Vol 137, Issue 28
Send PLUG mailing list submissions to
plug at lists.pdxlinux.org
To subscribe or unsubscribe via the World Wide Web, visit
http://cp.mcafee.com/d/5fHCNEq6x0SyM-UM-ed7dTztPqdNPP9EVphhudET7fcCzAsed7bVJ6UVVAQsIEECzASzsQsIcK6zCWbVKxeFzoE0EGn9DWoVsSlbAPZcsKrp8fmtIU_R-d7b3PNEV7tuVtdAsNO9EVvjhd7afbnhIyyHssNOEuvkzaT0QSyrjhdTVx-W9EVosuKqejtPo0c-l9QVp0ffB1IfU03wCHIcfBisEeRNoZIyrmfr8BO5mUm-wafBitemg3PVgr3-00CQn3hOqem3om2Ej2hEw3F4vFc0Ph06qDCy15As0pEw3qkrYQg9L6SrCRMc617pE
or, via email, send a message with subject or body 'help' to
plug-request at lists.pdxlinux.org
You can reach the person managing the list at
plug-owner at lists.pdxlinux.org
When replying, please edit your Subject line so it is more specific
than "Re: Contents of PLUG digest..."
Today's Topics:
1. tcpdump whiz? (Michael Rasmussen)
2. Re: tcpdump whiz? (Atom Powers)
3. Re: tcpdump whiz? (Ishak Micheil)
4. Re: tcpdump whiz? (Michael Rasmussen)
5. Re: tcpdump whiz? (Louis Kowolowski)
6. Re: proxy.pac (Robert Citek)
7. Re: proxy.pac (Louis Kowolowski)
8. Re: tcpdump whiz? (Michael Rasmussen)
----------------------------------------------------------------------
Message: 1
Date: Thu, 25 Feb 2016 16:08:28 -0800
From: Michael Rasmussen <michael at jamhome.us>
Subject: [PLUG] tcpdump whiz?
To: "Portland Linux User's Group" <plug at lists.pdxlinux.org>
Message-ID: <20160226000828.GA27140 at jamhome.us>
Content-Type: text/plain; charset=us-ascii
I have a group of systems that I need to monitor for use of approved SSL cipher suites.
Wireshark is not available on them. tcpdump is the tool I need to use.
Do you know, or know someone who would know, how to contruct a tcpdump filter that matches
only packets for the SSL handshake?
Due to the volume of traffic on the systems I cannot capture everything and filter later.
The most useful hint found so far is at:
http://cp.mcafee.com/d/k-Kr6gUi3zqb3Xz3UUQsTudTdET7fcCzBB55USzssYOqehMUQsLCQrzDCjhOOyyqejqdPhOMOUqerELCW4WCdyw2yFsCvFzBPpkKjfQNOVJAwZpSPz_nUQsIff6zAtRXBQShP78CzBZd4QsEYJt6OaaJNP7axVZicHs3jqpJd4TvC7XECzBxNWVEVdTdw0Wv4PYntrfDO-2PvQDaIao-eooK_AXb8dGH5Wv4PYiVfPPWBXv6sDpmSvBTp7P-9JoZIyn8lrxrW0E-l9QVp0ffB1IfU02rhsd79EVodxoaxc96y0eAh-AM3d40pGuq84mhM1Cy0dFhLPh0CYrpKrGq8H
--
Michael Rasmussen, Portland Oregon
Be Appropriate && Follow Your Curiosity
People play badly for various reasons; the most common one is failure
to judge what they currently produce as inadequate.
~ Tony Pay (on a Clarinet discussion list)
------------------------------
Message: 2
Date: Fri, 26 Feb 2016 00:18:34 +0000
From: Atom Powers <atom.powers at gmail.com>
Subject: Re: [PLUG] tcpdump whiz?
To: "Portland Linux/Unix Group" <plug at lists.pdxlinux.org>
Message-ID:
<CAF-H=Ome_rbY8T0Z6TLovby_=p=eQj6kJcn9xJLXGLvJLsfuUw at mail.gmail.com>
Content-Type: text/plain; charset=UTF-8
Shameless Promotion Alert:
The best person I know to answer that is Mike Pennacchi, who is teaching
"Deep Packet Inspection" at CasITConf next month.
http://cp.mcafee.com/d/avndxNJ5xZNxYsqerL6XCQrzDCjhOOyyYrhKeupd78UsqenPqdNPP9EVphhd79J6VEVopsd7dQnPt2tj6Ng1hkKjfQNOVIGn9DWoVsSOguIXpN_HYqem7DzhOeWZOWr8VzAjhO-CyqekumKzp55mUVzBgY-F6lK1FJASCyrLP3ZQjhOMUZsQsCXCM0tJFatGMtU03BJFatGMthsOrsWNBFZcdH7JAiV2Hsbvg57OFeDb81VYEdx_00jqbxEVd7b1Ib1k9x8Qg1QyfQC0pEw3djPh0yOe0cQg1Jad-q84TzrdPqaL8
On Thu, Feb 25, 2016 at 4:11 PM Michael Rasmussen <michael at jamhome.us>
wrote:
> I have a group of systems that I need to monitor for use of approved SSL
> cipher suites.
> Wireshark is not available on them. tcpdump is the tool I need to use.
>
> Do you know, or know someone who would know, how to contruct a tcpdump
> filter that matches
> only packets for the SSL handshake?
>
> Due to the volume of traffic on the systems I cannot capture everything
> and filter later.
>
> The most useful hint found so far is at:
>
> http://cp.mcafee.com/d/FZsS86Qm7T67NNEVKYrKrhKeupd7baabNJ6UVVAQszxNEVvdET7fcCzBB54QsCQrCzBxBMQsThvdQ9Rcr5055iVc_j7bCOFsCvFzBPr91WPJD7-LNEVouud78XHTbFIzCehd7bWq9EVhVqWdAklrzCel3PWApmU6CS3qq9K_cfThd7b3zRPhOrKr01Q-9DUKWSvfBY5C_FelokNYsMNt_9SmgrlmbQ-9DUBOvDDRbS-cVeOJI_bKOfDYjqNXp4KgGT2TQ1hYGjFOO0uva3ovM04SyUqejhOMr2Ml2oid40t8zZ9w6q80PkYQg8Izw3d40rizvCy1dUSPsSLK-
>
>
>
> --
> Michael Rasmussen, Portland Oregon
> Be Appropriate && Follow Your Curiosity
> People play badly for various reasons; the most common one is failure
> to judge what they currently produce as inadequate.
> ~ Tony Pay (on a Clarinet discussion list)
> _______________________________________________
> PLUG mailing list
> PLUG at lists.pdxlinux.org
> http://cp.mcafee.com/d/FZsS738Ocy1J5xZNxYsqerL6XCQrzDCjhOOyyYrhKeupd78UsqenPqdNPP9EVphhd79J6VEVopsd7dQnPt2tj6Ng1hkKjfQNOVIGn9DWoVsSOguIXpN_HYqem7DzhOeWZOWr8VzAjhO-CyqekumKzp55mUVzBgY-F6lK1FJYSCyrLP3ZQjhOMUZsQsCXCM0pYGjFOO0uva3ovM071dnoovaAVgtHyNXp4SIuShbAaJMJZ0kvaAWsIw7DOwS7Y01dEK6zAQsI6MI5gC4zh07i8_io1Cy0cRfd42b8U0Ph06QETVEwjudITdIU_VKbzZplj2
>
--
Perfection is just a word I use occasionally with mustard.
--Atom Powers--
------------------------------
Message: 3
Date: Thu, 25 Feb 2016 16:24:34 -0800
From: Ishak Micheil <isaacem at gmail.com>
Subject: Re: [PLUG] tcpdump whiz?
To: "General Linux/UNIX discussion and help civil and on-topic"
<plug at lists.pdxlinux.org>
Message-ID:
<CABiMUpgQvGpiHy+EUHjxnDxZGcYLK=A0drrq3g9qDkvf7+MXrg at mail.gmail.com>
Content-Type: text/plain; charset=UTF-8
Jim Hassing knows.
On Feb 25, 2016 16:11, "Michael Rasmussen" <michael at jamhome.us> wrote:
> I have a group of systems that I need to monitor for use of approved SSL
> cipher suites.
> Wireshark is not available on them. tcpdump is the tool I need to use.
>
> Do you know, or know someone who would know, how to contruct a tcpdump
> filter that matches
> only packets for the SSL handshake?
>
> Due to the volume of traffic on the systems I cannot capture everything
> and filter later.
>
> The most useful hint found so far is at:
>
> http://cp.mcafee.com/d/avndz9J5xZNxYsqerL6XCQrzDCjhOOyyYrhKeupd78UsqenPqdNPP9EVphhd79J6VEVopsd7dQnPt2tj6Ng1hkKjfQNOVIGn9DWoVsSOguIXpN_HYqem7DzhOeWZOWr8VzAjhO-CyqekumKzp55mUVzBgY-F6lK1FJMSCyrLP3ZQjhOMUZsQsCXCM0tfyp-bKJDPVv1pLWjBm5cv7ccnvOtBA6RlyZfyp-9sDVVZiZLzejIHrfOXIzV_4SIuShbAaJMJZ0kvaAWsIw7DOwS7Y01dEK6zAQsI6MI5gC4zh07i8_io1Cy0cRfd42b8U0Ph06QETVEwjudITdV7zNPi5M7QoF
>
>
>
> --
> Michael Rasmussen, Portland Oregon
> Be Appropriate && Follow Your Curiosity
> People play badly for various reasons; the most common one is failure
> to judge what they currently produce as inadequate.
> ~ Tony Pay (on a Clarinet discussion list)
> _______________________________________________
> PLUG mailing list
> PLUG at lists.pdxlinux.org
> http://cp.mcafee.com/d/FZsSd2gOrhovsov76zCXNKVJ6UVVAQsIEEL6QrzDCjhOe76zBYSzssYOqemkkjhOrhKqem6n3hPt5YTgDkNIk0klbAPZcsKraBOp-CendIA7HeSsvW_6zBxVUQszKLsKCOeoV4QsLFECzB7BHEShhlKeoVkffGhBrwqr76QQjt-ovKyqem77HCzATsS03fBitemg3PVgr3-00U9GX33VkDa3Jsmfr8CRzSO9sxlK5LE2zVkDjBA0Y-k6M_w09J5MQsCzBwS5wG4MAq80Wh7Wj0cQg1CFVEwhp706q80SB6_d42rNJCVLAGr-WKftw-K
>
------------------------------
Message: 4
Date: Thu, 25 Feb 2016 16:27:24 -0800
From: Michael Rasmussen <michael at jamhome.us>
Subject: Re: [PLUG] tcpdump whiz?
To: Portland Linux/Unix Group <plug at lists.pdxlinux.org>
Message-ID: <20160226002724.GA27306 at jamhome.us>
Content-Type: text/plain; charset=us-ascii
On Thu, Feb 25, 2016 at 04:24:34PM -0800, Ishak Micheil wrote:
> Jim Hassing knows.
No he doesn't. We've already chatted about it.
For those of you scratching your heads over that exchange, Jim, Ishak, and I
share a common employer.
> On Feb 25, 2016 16:11, "Michael Rasmussen" <michael at jamhome.us> wrote:
>
> > I have a group of systems that I need to monitor for use of approved SSL
> > cipher suites.
> > Wireshark is not available on them. tcpdump is the tool I need to use.
> >
> > Do you know, or know someone who would know, how to contruct a tcpdump
> > filter that matches
> > only packets for the SSL handshake?
> >
> > Due to the volume of traffic on the systems I cannot capture everything
> > and filter later.
> >
> > The most useful hint found so far is at:
> >
> > http://cp.mcafee.com/d/2DRPoOcz8wrhovsov76zCXNKVJ6UVVAQsIEEL6QrzDCjhOe76zBYSzssYOqemkkjhOrhKqem6n3hPt5YTgDkNIk0klbAPZcsKraBOp-CendIA7HeSsvW_6zBxVUQszKLsKCOeoV4QsLFECzB7BHEShhlKeoVkffGhBrwqrudFECXYM_t4QsIefnd79KVI07jUCvyXHpY-nMmr-AVlxj7NP35TYDpp1JloLjUCvyn9-uvkLrUPAXaSPYKX8-vNdH7JAiV2Hsbvg57OFeDb81VYEdx_00jqbxEVd7b1Ib1k9x8Qg1QyfQC0pEw3djPh0yOe0cQg1Jad-q84TzrdPu7HP
> >
> >
> >
> > --
> > Michael Rasmussen, Portland Oregon
> > Be Appropriate && Follow Your Curiosity
> > People play badly for various reasons; the most common one is failure
> > to judge what they currently produce as inadequate.
> > ~ Tony Pay (on a Clarinet discussion list)
> > _______________________________________________
> > PLUG mailing list
> > PLUG at lists.pdxlinux.org
> > http://cp.mcafee.com/d/FZsScCQm7T67NNEVKYrKrhKeupd7baabNJ6UVVAQszxNEVvdET7fcCzBB54QsCQrCzBxBMQsThvdQ9Rcr5055iVc_j7bCOFsCvFzBPr91WPJD7-LNEVouud78XHTbFIzCehd7bWq9EVhVqWdAklrzCel3PWApmU6CPhOrjhdTVx-W9EVosuKqejtPo0c-l9QVp0ffB1IfU03wCHIcfBisEeRNoZIyrmfr8BO5mUm-wafBitemg3PVgr3-00CQn3hOqem3om2Ej2hEw3F4vFc0Ph06qDCy15As0pEw3qkrYQg9L6SrCObYxFQ68Qdjh
> >
> _______________________________________________
> PLUG mailing list
> PLUG at lists.pdxlinux.org
> http://cp.mcafee.com/d/k-Kr4xASyM-UM-ed7dTztPqdNPP9EVphhudET7fcCzAsed7bVJ6UVVAQsIEECzASzsQsIcK6zCWbVKxeFzoE0EGn9DWoVsSlbAPZcsKrp8fmtIU_R-d7b3PNEV7tuVtdAsNO9EVvjhd7afbnhIyyHssNOEuvkzaT0QSzsSCyrLP3ZQjhOMUZsQsCXCM0pYGjFOO0uva3ovM071dnoovaAVgtHyNXp4SIuShbAaJMJZ0kvaAWsIw7DOwS7Y01dEK6zAQsI6MI5gC4zh07i8_io1Cy0cRfd42b8U0Ph06QETVEwjudITdPbZGHPtbGWIu
>
--
Michael Rasmussen, Portland Oregon
Be Appropriate && Follow Your Curiosity
Too often we enjoy the comfort of opinion without the discomfort of thought.
~ John F. Kennedy
------------------------------
Message: 5
Date: Thu, 25 Feb 2016 19:15:50 -0600
From: Louis Kowolowski <louisk at cryptomonkeys.org>
Subject: Re: [PLUG] tcpdump whiz?
To: Portland Linux/Unix Group <plug at lists.pdxlinux.org>
Message-ID: <57F236BA-5A5F-4C59-9579-EF9C9688BF1E at cryptomonkeys.org>
Content-Type: text/plain; charset="us-ascii"
>From the link you posted:
tcpdump -i any -s 1500 (tcp[((tcp[12:1] & 0xf0) >> 2)+5:1] = 0x01) and (tcp[((tcp[12:1] & 0xf0) >> 2):1] = 0x16)
This captures the SSL handshake (0x16), and the hello (0x01). Seems reasonable that you could delete the expression for hello and end up with:
tcpdump -i any -s 1500 (tcp[((tcp[12:1] & 0xf0) >> 2):1] = 0x16)
Does this not work?
> On Feb 25, 2016, at 6:08 PM, Michael Rasmussen <michael at jamhome.us> wrote:
>
> I have a group of systems that I need to monitor for use of approved SSL cipher suites.
> Wireshark is not available on them. tcpdump is the tool I need to use.
>
> Do you know, or know someone who would know, how to contruct a tcpdump filter that matches
> only packets for the SSL handshake?
>
> Due to the volume of traffic on the systems I cannot capture everything and filter later.
>
> The most useful hint found so far is at:
> http://cp.mcafee.com/d/k-Kr6jqb3Xz3UUQsTudTdET7fcCzBB55USzssYOqehMUQsLCQrzDCjhOOyyqejqdPhOMOUqerELCW4WCdyw2yFsCvFzBPpkKjfQNOVJAwZpSPz_nUQsIff6zAtRXBQShP78CzBZd4QsEYJt6OaaJNP7axVZicHs3jqa9Jd4TvC7XECzBxNWVEVdTdw0Wv4PYntrfDO-2PvQDaIao-eooK_AXb8dGH5Wv4PYiVfPPWBXv6sDpmSvBTp7P-9JoZIyn8lrxrW0E-l9QVp0ffB1IfU02rhsd79EVodxoaxc96y0eAh-AM3d40pGuq84mhM1Cy0dFhLPh0CYrpKr2QdzY267
>
>
>
> --
> Michael Rasmussen, Portland Oregon
> Be Appropriate && Follow Your Curiosity
> People play badly for various reasons; the most common one is failure
> to judge what they currently produce as inadequate.
> ~ Tony Pay (on a Clarinet discussion list)
> _______________________________________________
> PLUG mailing list
> PLUG at lists.pdxlinux.org
> http://cp.mcafee.com/d/5fHCMUe3x0gdEIfKcfzzhPtUTsSzssYOqemkknzqdNPP9EV73zhO-rhKeupd7baa9EVdETd7b3bxEVKy-rEjGoSa0aaBOp-CendBiVc_j7bCSi3RDrefZvzhOMYYqehTnKnjp7csyqenQQjhOzORQr8EGT7csG7DR8OJMddEFCQQjt-ovKyqem77HCzATsS03fBitemg3PVgr3-00U9GX33VkDa3Jsmfr8CRzSO9sxlK5LE2zVkDjBA0Y-k6M_w09J5MQsCzBwS5wG4MAq80Wh7Wj0cQg1CFVEwhp706q80SB6_d42rNJCVJFONPd3Te48r
--
Louis Kowolowski louisk at cryptomonkeys.org
Cryptomonkeys: http://cp.mcafee.com/d/5fHCN8SyM-UM-ed7dTztPqdNPP9EVphhudET7fcCzAsed7bVJ6UVVAQsIEECzASzsQsIcK6zCWbVKxeFzoE0EGn9DWoVsSlbAPZcsKrp8fmtIU_R-d7b3PNEV7tuVtdAsNO9EVvjhd7afbnhIyyHssNOEuvkzaT0QSyOrjhdTVx-W9EVosuKqejtPo0aQiOQWGRwlYJjBYdH7JAiV2Hsbvg57OFeDb81VYEdx_00jqbxEVd7b1Ib1k9x8Qg1QyfQC0pEw3djPh0yOe0cQg1Jad-q84TzrdPrz1K-S4CRbCt
Making life more interesting for people since 1977
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 801 bytes
Desc: Message signed with OpenPGP using GPGMail
Url : http://cp.mcafee.com/d/5fHCNEg4xASyM-UM-ed7dTztPqdNPP9EVphhudET7fcCzAsed7bVJ6UVVAQsIEECzASzsQsIcK6zCWbVKxeFzoE0EGn9DWoVsSlbAPZcsKrp8fmtIU_R-d7b3PNEV7tuVtdAsNO9EVvjhd7afbnhIyyHssNOEuvkzaT0QSyMrjhdTVx-W9EVosuKqejtPo0c-l9QVp0ffB1IfU03yQBLy9UIuShPpPSNdnUjFytQnbFFLUgu73A6bAcSsZIjl-4OZXThUxa1JoZIyn8lrxrW0E-l9QVp0ffB1IfU02rhsd79EVodxoaxc96y0eAh-AM3d40pGuq84mhM1Cy0dFhLPh0CYrpKrT1sgma-pYOVo
------------------------------
Message: 6
Date: Thu, 25 Feb 2016 18:48:34 -0800
From: Robert Citek <robert.citek at gmail.com>
Subject: Re: [PLUG] proxy.pac
To: "Portland Linux/Unix Group" <plug at lists.pdxlinux.org>
Message-ID:
<CAKFjdm7iR-iiyhAuYmUdMwOEtH+MBm5+s9XmOuPjL9TiKAJRcg at mail.gmail.com>
Content-Type: text/plain; charset=UTF-8
On Thu, Feb 25, 2016 at 1:14 AM, Louis Kowolowski
<louisk at cryptomonkeys.org> wrote:
> I?m making some assumptions here, and if they?re not true, you can either correct me, or if the functionality i describe is what you want, take a look at http://cp.mcafee.com/d/avndzgQrhovsov76zCXNKVJ6UVVAQsIEEL6QrzDCjhOe76zBYSzssYOqemkkjhOrhKqem6n3hPt5YTgDkNIk0klbAPZcsKraBOp-CendIA7HeSsvW_6zBxVUQszKLsKCOeoV4QsLFECzB7BHEShhlKeoVkffGhBrwqrhvdFECXYM_t4QsIefnd79KVIDeqR4IMFREBBFRlH0HVqDbUDt5zbzIRKtltDaNsDeqNtqdgYJxJoZIyn8lrxrW0E-l9QVp0ffB1IfU02rhsd79EVodxoaxc96y0eAh-AM3d40pGuq84mhM1Cy0dFhLPh0CYrpKrZ_n20tbK where I detail how to set this up.
>
> Presumably you have:
> a) a web server that is passing the proxy.pac file out, and generating logs
> b) configured the browser?s proxy settings to ?auto?
>
> When you start/load the browser, you should be able to see in the webserver?s logs that its pulling a copy of the proxy.pac file. If this isn?t the case, that?s likely to be your problem. The site you mention is a little light on details for all this, so I?m not sure if you only have a partial setup, or if you?ve misconfigured something.
A bit more detail: I recently got a Chromebook (nope, I haven't
installed Linux/Crouton on it, yet). So this system does not have a
web server on it, which is what I would normally use. And I don't
want to set up a remote webserver. Instead, my hope it to have the
proxy.pac file reside locally on the Chromebook itself. So the URL to
the proxy.pac file would be something like
file:///home/chronos/.../proxy.pac. But thus far, that does not seem
to be working.
Thanks for the feedback thus far.
Regards,
- Robert
------------------------------
Message: 7
Date: Thu, 25 Feb 2016 21:04:48 -0600
From: Louis Kowolowski <louisk at cryptomonkeys.org>
Subject: Re: [PLUG] proxy.pac
To: Portland Linux/Unix Group <plug at lists.pdxlinux.org>
Message-ID: <1063653E-F47C-4E4D-9939-4C8684F15B5E at cryptomonkeys.org>
Content-Type: text/plain; charset="utf-8"
I don?t know if browsers support a local file for a proxy.pac or not. That would be the first thing I would investigate.
> On Feb 25, 2016, at 8:48 PM, Robert Citek <robert.citek at gmail.com> wrote:
>
> On Thu, Feb 25, 2016 at 1:14 AM, Louis Kowolowski
> <louisk at cryptomonkeys.org> wrote:
>> I?m making some assumptions here, and if they?re not true, you can either correct me, or if the functionality i describe is what you want, take a look at http://cp.mcafee.com/d/2DRPosrhovsov76zCXNKVJ6UVVAQsIEEL6QrzDCjhOe76zBYSzssYOqemkkjhOrhKqem6n3hPt5YTgDkNIk0klbAPZcsKraBOp-CendIA7HeSsvW_6zBxVUQszKLsKCOeoV4QsLFECzB7BHEShhlKeoVkffGhBrwqrhsdFECXYM_t4QsIefnd79KVIDeqR4IMFREBBFRlH0HVqDbUDt5zbzIRKtltDaNsDeqNtqdgYJxJoZIyn8lrxrW0E-l9QVp0ffB1IfU02rhsd79EVodxoaxc96y0eAh-AM3d40pGuq84mhM1Cy0dFhLPh0CYrpKrIGWW5-at where I detail how to set this up.
>>
>> Presumably you have:
>> a) a web server that is passing the proxy.pac file out, and generating logs
>> b) configured the browser?s proxy settings to ?auto?
>>
>> When you start/load the browser, you should be able to see in the webserver?s logs that its pulling a copy of the proxy.pac file. If this isn?t the case, that?s likely to be your problem. The site you mention is a little light on details for all this, so I?m not sure if you only have a partial setup, or if you?ve misconfigured something.
>
> A bit more detail: I recently got a Chromebook (nope, I haven't
> installed Linux/Crouton on it, yet). So this system does not have a
> web server on it, which is what I would normally use. And I don't
> want to set up a remote webserver. Instead, my hope it to have the
> proxy.pac file reside locally on the Chromebook itself. So the URL to
> the proxy.pac file would be something like
> file:///home/chronos/.../proxy.pac. But thus far, that does not seem
> to be working.
>
> Thanks for the feedback thus far.
>
> Regards,
> - Robert
> _______________________________________________
> PLUG mailing list
> PLUG at lists.pdxlinux.org
> http://cp.mcafee.com/d/FZsSd2gw921J5xZNxYsqerL6XCQrzDCjhOOyyYrhKeupd78UsqenPqdNPP9EVphhd79J6VEVopsd7dQnPt2tj6Ng1hkKjfQNOVIGn9DWoVsSOguIXpN_HYqem7DzhOeWZOWr8VzAjhO-CyqekumKzp55mUVzBgY-F6lK1FJ4srjhdTVx-W9EVosuKqejtPo0c-l9QVp0ffB1IfU03wCHIcfBisEeRNoZIyrmfr8BO5mUm-wafBitemg3PVgr3-00CQn3hOqem3om2Ej2hEw3F4vFc0Ph06qDCy15As0pEw3qkrYQg9L6SrC-IFHmXjVic9G
--
Louis Kowolowski louisk at cryptomonkeys.org
Cryptomonkeys: http://cp.mcafee.com/d/k-Kr4zqb3Xz3UUQsTudTdET7fcCzBB55USzssYOqehMUQsLCQrzDCjhOOyyqejqdPhOMOUqerELCW4WCdyw2yFsCvFzBPpkKjfQNOVJAwZpSPz_nUQsIff6zAtRXBQShP78CzBZd4QsEYJt6OaaJNP7axVZicHs3jqbNJd4TvC7XECzBxNWVEVdTdw0HhbbjGHm1nORenMSIuShbAaJMJZ0kvaAWsIw7DOwS7Y01dEK6zAQsI6MI5gC4zh07i8_io1Cy0cRfd42b8U0Ph06QETVEwjudITdH8DacByleYX
Making life more interesting for people since 1977
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 801 bytes
Desc: Message signed with OpenPGP using GPGMail
Url : http://cp.mcafee.com/d/FZsS96Qm7T67NNEVKYrKrhKeupd7baabNJ6UVVAQszxNEVvdET7fcCzBB54QsCQrCzBxBMQsThvdQ9Rcr5055iVc_j7bCOFsCvFzBPr91WPJD7-LNEVouud78XHTbFIzCehd7bWq9EVhVqWdAklrzCel3PWApmU6CQjhOrjhdTVx-W9EVosuKqejtPo0c-l9QVp0ffB1IfU03yQBLy9UIuShPpPSNdnUjFytQnbFFLUMZqVEVsZzdDfr4RvxcLuZQu8iwrmfr8BO5mUm-wafBitemg3PVgr3-00CQn3hOqem3om2Ej2hEw3F4vFc0Ph06qDCy15As0pEw3qkrYQg9L6SrCXXgFREFf
------------------------------
Message: 8
Date: Thu, 25 Feb 2016 19:37:00 -0800
From: Michael Rasmussen <michael at jamhome.us>
Subject: Re: [PLUG] tcpdump whiz?
To: Portland Linux/Unix Group <plug at lists.pdxlinux.org>
Message-ID: <20160226033700.GA28370 at jamhome.us>
Content-Type: text/plain; charset=us-ascii
On Thu, Feb 25, 2016 at 07:15:50PM -0600, Louis Kowolowski wrote:
> From the link you posted:
>
> tcpdump -i any -s 1500 (tcp[((tcp[12:1] & 0xf0) >> 2)+5:1] = 0x01) and (tcp[((tcp[12:1] & 0xf0) >> 2):1] = 0x16)
>
> This captures the SSL handshake (0x16), and the hello (0x01). Seems reasonable that you could delete the expression for hello and end up with:
>
> tcpdump -i any -s 1500 (tcp[((tcp[12:1] & 0xf0) >> 2):1] = 0x16)
>
> Does this not work?
No, it's too promiscuous.
--
Michael Rasmussen, Portland Oregon
Be Appropriate && Follow Your Curiosity
When man invented the bicycle he reached the peak of his attainments. Here
was a machine of precision and balance for the convenience of man. And
(unlike subsequent inventions for man's convenience) the more he used
it, the fitter his body became. Here, for once, was a product of man's
brain that was entirely beneficial to those who used it, and of no harm
or irritation to others. Progress should have stopped when man invented
the bicycle.
~ Elizabeth West, Hovel
------------------------------
_______________________________________________
PLUG: http://cp.mcafee.com/d/2DRPoOcygOrhovsov76zCXNKVJ6UVVAQsIEEL6QrzDCjhOe76zBYSzssYOqemkkjhOrhKqem6n3hPt5YTgDkNIk0klbAPZcsKraBOp-CendIA7HeSsvW_6zBxVUQszKLsKCOeoV4QsLFECzB7BHEShhlKeoVkffGhBrwqrjKrjhdTVx-W9EVosuKqejtPo0dp0ffB1IfU02rmfr8BO5mUm-wafBitemg3PVgr3-00CQn3hOqem3om2Ej2hEw3F4vFc0Ph06qDCy15As0pEw3qkrYQg9L6SrCWXObVy2y
PLUG mailing list
PLUG at lists.pdxlinux.org
http://cp.mcafee.com/d/avndzgQ839J5xZNxYsqerL6XCQrzDCjhOOyyYrhKeupd78UsqenPqdNPP9EVphhd79J6VEVopsd7dQnPt2tj6Ng1hkKjfQNOVIGn9DWoVsSOguIXpN_HYqem7DzhOeWZOWr8VzAjhO-CyqekumKzp55mUVzBgY-F6lK1FJd4SCyrLP3ZQjhOMUZsQsCXCM0pYGjFOO0uva3ovM071dnoovaAVgtHyNXp4SIuShbAaJMJZ0kvaAWsIw7DOwS7Y01dEK6zAQsI6MI5gC4zh07i8_io1Cy0cRfd42b8U0Ph06QETVEwjudITdyHPQ7Ca-
End of PLUG Digest, Vol 137, Issue 28
*************************************
More information about the PLUG
mailing list