View ONLY specific protocol
Hello world I'd like to use Wireshark to audit a connection. In this instance I need to verify TLS/SSL is used in conjunction with telnet. And ... go.
Please start posting anonymously - your entry will be published after you log in or create a new account.
Asked: 2017-12-12 00:14:30 +0000
Seen: 3,184 times
Last updated: Dec 12 '17
How to verify what protocol was used in an encrypted file transfer?
SSL/TLS Handshake Immediately Fails
[TLS 1.3] I am getting an error while decrypting the SSL Handshake Traffic -
Decrypting Application Data with Private Key File
TCP segment data -- is it under the SSL section?
Is this a correct TLS capture filter
My TLS client initiate an unexpected ClientHello to a domain
Certficate [TCP segment of a ressembled PDU] -- WHY/WHAT causes it?
SSL Dissector having public key,private key, DH Params: possibile?
If you already have the capture, you can use the protocol display filters such as "ssl" or "telnet" Otherwise, you can use capture filters based on TCP port (or more specific if needed). You can view the protocol version used in the Protocol column and/or in the SSL protocol field in the Packet Details pane. Telnet itself is not secure and doesn't use SSL natively. Did you set this up and are wanting to confirm your configuration?
@csereno thanks for the feedback! Yes, I was auditing the security configuration of a telnet connection. I had previously established a connection on port 992; however, security must be verified. I was hoping to receive immediate assistance, but crickets... So I have to run filters on old pcaps.
A display filter such as "tcp.port==992" will single out your traffic in your old pcaps.