BLOG     |     FORUM
Welcome, Guest
Username: Password: Remember me
All your questions answered real quick by Unleash Networks Engineers.
  • Page:
  • 1

TOPIC: Import from ethereal dump

Import from ethereal dump 14 years 8 months ago #87

A HTTPS session was captured using etheral and saved the dump. I tried importing the ethereal dump into the unsniff, but i am not able to view the TLS or SSL packet in the window.No display or capture filters applied. As i am testing my own apache SSL server, i am having the servers private key, and also the server IP These had been configured properly in unsniff. Even sometimes i am not able to view the SSL sessions when capturing SSL packets directly using unsniff.

Unsniff ver 1.0.1.1230. Help me..
The administrator has disabled public write access.

Re:Import from ethereal dump 14 years 8 months ago #89

  • netscript
  • netscript's Avatar
Ashok,

Do you see any packets at all ? Are they all TCP instead of TLS ? In that case, check if the TCP port 443 is mapped to TLS and TLS port 443 is mapped to HTTP. Use the \"Plugins -> Manage Access Points\" window.

Regards,
Vivek Rajan
The administrator has disabled public write access.

Re:Import from ethereal dump 14 years 8 months ago #91

I see the TLS packets as TCP packets. I had already configured the TCP port to 443 and TLS port 443 mapped to HTTP. But still my packets are not in TLS. Even those TCP packets doesnt contain the RL (Record Layer) headers.
The administrator has disabled public write access.

Re:Import from ethereal dump 14 years 8 months ago #92

Thank you very much. I didnt recognise my proxy server. Now configured the proxy port as acces point. Now able to view the packets.Also the packets get decrypted using the server key.:)
The administrator has disabled public write access.
  • Page:
  • 1
Moderators: vivek [unleash]
Time to create page: 0.033 seconds