I have a group of systems that I need to monitor for use of approved SSL cipher suites. Wireshark is not available on them. tcpdump is the tool I need to use.
Do you know, or know someone who would know, how to contruct a tcpdump filter that matches only packets for the SSL handshake? Due to the volume of traffic on the systems I cannot capture everything and filter later. The most useful hint found so far is at: http://serverfault.com/questions/574405/tcpdump-server-hello-certificate-filter -- Michael Rasmussen, Portland Oregon Be Appropriate && Follow Your Curiosity People play badly for various reasons; the most common one is failure to judge what they currently produce as inadequate. ~ Tony Pay (on a Clarinet discussion list) _______________________________________________ PLUG mailing list [email protected] http://lists.pdxlinux.org/mailman/listinfo/plug
