On Wed, Oct 5, 2011 at 4:15 AM, Andrej van der Zee <andrejvander...@gmail.com> wrote: > Hi, > > I would like to ask if somebody could point me to information on howto > hook up libpcap to sniff a secure website on HTTPS. I understand I > have to decrypt the packets probably using openssl, but I wonder if > there is some howto to guide me. I am on the latest Ubuntu.
Last I checked, tcpdump supports decrypting IPSec, but not SSL. However, Wireshark decrypts SSL. You'll need the SSL private key of the webserver to do it. -- Aaron Turner http://synfin.net/ Twitter: @synfinatic http://tcpreplay.synfin.net/ - Pcap editing and replay tools for Unix & Windows Those who would give up essential Liberty, to purchase a little temporary Safety, deserve neither Liberty nor Safety. -- Benjamin Franklin "carpe diem quam minimum credula postero" - This is the tcpdump-workers list. Visit https://cod.sandelman.ca/ to unsubscribe.
