Open Wireshark-tutorial-on-decrypting-HTTPS-SSL-TLS-traffic.pcap in Wireshark. Use a basic web filter as described in this previous tutorial about Wireshark filters. This pcap is from a Dridex malware infection on a Windows 10 host. All web traffic, including the infection activity, is HTTPS. Without the key log file, we cannot see any details of the traffic, just the IP addresses, TCP ports and domain names, as shown in Figure 7.

Figure 7. Viewing the pcap in Wireshark using the basic web filter without any decryption.

Then use the menu path Edit -> Preferences to bring up the Preferences Menu, as shown in Figure 8.

Figure 8. Getting to the Preferences Menu in Wireshark.

On the left side of the Preferences Menu, click on Protocols, as shown in Figure 9.

Figure 9. Selecting Protocols in the Preferences Menu.