Friday, May 8, 2009

Wireshark and SSL connections

I'm maybe a little (a lot?) late on this, but I was reading this nice description of a packet capture analysis from the SANS forensics blog and just found that Wireshark can read SSL encrypted connections if you provide the private key! This is really nice ans useful. Here is a screenshot (also from SANS post) with the screen where you can indicate the private key to be used:

No comments:

Post a Comment