Tag: WireShark
MacOS Big Sur and SSLKEYFILELOG
Today I had to decrypt SSL/TLS traffic from my browser. There are a lot of resources available to explain the steps necessary to capture traffic and decrypt the traffic, like How to Decrypt SSL with Wireshark – HTTPS Decryption Guide. However, I noticed that my ssl-keys.log file wasn’t populated when starting Chrome or Firefox. The … Read More
Aruba Networks, Configuration Example, Switching
AOS – WireShark: remote capture
AOS switches have the option to monitor / copy traffic from port A to port B. You also have the option to send the monitor traffic to a remote switch or even to a remote host. When the remote host is running WireShark, the monitored traffic can be analysed on the remote host. First you … Read More
Cisco ASA: multiple context and capture
Packet captures are very useful for troubleshooting purposes. The Cisco ASA supports packet captures even in multiple context mode. I normally configure packet captures on CLI level. This can be done by configuring an access-list to match the specific traffic you would like to capture. Add the access-list and the specific interface in a capture command. … Read More
Configuration Example, Routing, Security, Switching
Secure HSRP configuration
A friend of mine works for a well-known auditing and penetration testing company in the Netherlands. Recently we were talking about how he starts looking for flaws in network infrastructures. My friend told me that the first thing he does is simply start WireShark and start looking at all the packets he receives. By … Read More