This is a static archive of our old Q&A Site. Please post any new questions and answers at ask.wireshark.org.

Desktop client tracking

0

I created a desktop client connects to Postgresql database and I want to be sure that this application uses SSL (I don't want to expose users authentications over the network).

How can I be sure that my desktop client connections over SSL or not?

I couldn't find a way to make Wireshark track my application's process so tried to use a simple filter because I know the destination ip and the port but this didn't help me very much!

ip.dst == 192.168.0.74 && tcp.port==5433

P.S. Sorry for silly question because I'm still a newbie and I couldn't find an answer to my question after searching here.

asked 21 Jul '13, 02:28

mbnoimi's gravatar image

mbnoimi
11112
accept rate: 0%

edited 21 Jul '13, 05:27

grahamb's gravatar image

grahamb ♦
19.8k330206


One Answer:

0

Wireshark can't track traffic on a per process basis but can do so by IP address and port.

What do you see with your filter?

answered 21 Jul '13, 05:29

grahamb's gravatar image

grahamb ♦
19.8k330206
accept rate: 22%

What do you see with your filter?

How can I tell you what I saw, In case you want Wireshark's log you can download this link (K12 text file)

(21 Jul '13, 07:26) mbnoimi

It would be more helpful to just post the Wireshark capture (pcap) somewhere easily accessible, such as Cloudshark. Make sure the capture doesn't contain any sensitive info before posting it.

(21 Jul '13, 10:21) grahamb ♦