Wireshark

  • Riverbed Technology
  • WinPcap
the world's foremost network protocol analyzer
  • Wireshark
    • About
    • Download
    • Blog
  • Get Help
    • Ask a Question
    • FAQs
    • Documentation
    • Mailing Lists
    • Online Tools
    • Wiki
    • Bug Tracker
  • Develop
    • Get Involved
    • Developer's Guide
    • Browse the Code
    • Latest Builds

Wireshark-users: Re: [Wireshark-users] TLS

Date Index Thread Index Other Months All Mailing Lists
Date Prev Date Next Thread Prev Thread Next


From: Guy Harris <guy@xxxxxxxxxxxx>
Date: Tue, 7 Oct 2008 10:18:20 -0700


On Oct 7, 2008, at 9:01 AM, David Moncur wrote:


I am using Wireshark 1.0.3 on Windows XP.

Having captures an SMTP session using TLS,
Is that a session that starts out as regular SMTP and then switches to TLS with a STARTTLS command? 

If so...
I was expecting to have Wireshark decode it for me. However it decoded it no further than SMTP, and TLS is not even in the protocol list.
...there's no support for that in the 1.0[.x] releases. I checked code to support STARTTLS into the main branch, but that was fairly recently, after the 1.0[.x] releases were branched off. 


How do I get more information from my tcpdump capture ?
The 1.1.0 development build might have STARTTLS support (I don't remember whether it was built before or after I added it): 

	http://www.wireshark.org/download/win32/

If not, you'll need one of the automated builds:

	http://www.wireshark.org/download/automated/win32/
  • Follow-Ups:
    • Re: [Wireshark-users] TLS
      • From: David Moncur
  • References:
    • [Wireshark-users] TLS
      • From: David Moncur
  • Prev by Date: [Wireshark-users] TLS
  • Next by Date: Re: [Wireshark-users] tshark showing null values in the generated pdml file
  • Previous by thread: [Wireshark-users] TLS
  • Next by thread: Re: [Wireshark-users] TLS
  • Index(es):
    • Date
    • Thread

Wireshark and the "fin" logo are registered trademarks of the Wireshark Foundation