LinuxQuestions.org
Welcome to the most active Linux Forum on the web.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Security
User Name
Password
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.

Notices


Reply
  Search this Thread
Old 03-12-2019, 04:25 AM   #1
zerouno
Member
 
Registered: Oct 2009
Location: Italy
Distribution: Slackware
Posts: 983

Rep: Reputation: 352Reputation: 352Reputation: 352Reputation: 352
tcpdump to show TLS client hello


Hello.

On my server I want to see if clients are using the protocol TLSv1.0 or TLSv1.2

tcpdump -i eth0 -w tls.dump

then open tls.dump using wireshark and it show TLS1 or TLS1.2 correctly

but I want to do it massively on large traffic.

the idea is
tcpdump -i eth0 "capture client/server hello"|grep TLS

obviously that syntax is not recognized but I want to do a similar thing.

Also if I user -w tls.dump, it capture the entire connection, but I need only the client/server hello, and I do not need the details but only if it is using TLS1.0 or 1.2

exists something that can help me?

Thankyou

P.S. The application is not an apache/443 but a mailserver/465 that not log the tls details
Matteo
 
Old 03-12-2019, 04:37 AM   #2
zerouno
Member
 
Registered: Oct 2009
Location: Italy
Distribution: Slackware
Posts: 983

Original Poster
Rep: Reputation: 352Reputation: 352Reputation: 352Reputation: 352
Solved...

using tshark (part of wireshark package)
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
I've found tcpdump tagged as 'Installed' in PPM, why I can't find a tcpdump command ? illidan.modeler Puppy 1 09-07-2013 07:50 AM
Why does TLS port accespt both TLS and plain TCP? kenneho Linux - Server 4 02-08-2009 07:30 AM
errno: TLS definition in /lib64/libc.so.6 section .tbss mismatches non-TLS reference johnpaulodonnell Programming 2 07-25-2008 04:37 AM
/usr/bin/ld: errno TLS def.. mismatches non-TLS def.. maverick_pol Fedora 1 07-27-2007 10:50 AM

LinuxQuestions.org > Forums > Linux Forums > Linux - Security

All times are GMT -5. The time now is 01:51 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration