View ONLY specific protocol
Hello world I'd like to use Wireshark to audit a connection. In this instance I need to verify TLS/SSL is used in conjunction with telnet. And ... go.
Asked: 2017-12-12 00:14:30 +0000
Seen: 3,022 times
Last updated: Dec 12 '17
Copyright Wireshark Foundation, 2017-2023 Content on this site is licensed under a Creative Commons Attribution Share Alike 3.0 license.
If you already have the capture, you can use the protocol display filters such as "ssl" or "telnet" Otherwise, you can use capture filters based on TCP port (or more specific if needed). You can view the protocol version used in the Protocol column and/or in the SSL protocol field in the Packet Details pane. Telnet itself is not secure and doesn't use SSL natively. Did you set this up and are wanting to confirm your configuration?
@csereno thanks for the feedback! Yes, I was auditing the security configuration of a telnet connection. I had previously established a connection on port 992; however, security must be verified. I was hoping to receive immediate assistance, but crickets... So I have to run filters on old pcaps.
A display filter such as "tcp.port==992" will single out your traffic in your old pcaps.