>Can Tcpdump decode SSL traffic (and if given the proper key, the data too)?
>
>I understand that using SSLeay or OpenSSL with the -E option can decode secure IPsec.
> Can these libraries be used for decoding SSL also?
>
>I guess ssldump implements this functionality. Is there any plan for integrating
>ssldump's decoding into tcpdump?
I don't think so. we can dump IPsec traffic only if we have the
IPsec secret key. for SSL, they exchange session keys on the fly
so you have no idea what session key is.
you may want to check dsniff 2.3 (http://www.monkey.org/~dugsung/ is
the author).
itojun
-
This is the TCPDUMP workers list. It is archived at
http://www.tcpdump.org/lists/workers/index.html
To unsubscribe use mailto:[EMAIL PROTECTED]?body=unsubscribe
