wireshark-users October 2010 archive
Main Archive Page > Month Archives  > wireshark-users archives
wireshark-users: Re: [Wireshark-users] Problem deciphering an op

Re: [Wireshark-users] Problem deciphering an openssl stream

From: <kolos_ws_at_nospam>
Date: Mon Oct 11 2010 - 12:36:17 GMT
To: Community support list for Wireshark <wireshark-users@wireshark.org>

Hi Philippe,

> Handshake Protocol: Server Hello
> [...]
> Cipher Suite: TLS_RSA_WITH_AES_128_CBC_SHA (0x002f)
>
> I don't see any DH here, so maybe that's not the problem.

I agree, it doesn't look like it's using DH. What would be interesting to
see if you see a "Client key exchange" or a "Server key exchange" at the
beginning of the SSL session in your capture when you look at it in
Wireshark.

Also, you might want to use "-s 0" when running tcpdump, that just
captures everything.

>> If you're using Firefox as your client, you can view what it's
>> configured to use by typing 'about:config' in your address bar.
>
> It's a SOAP call done from a python soap implementation. I should be
> able to configure it somewhere but I am not sure of what I should put.

Good question, I'm no Python expert, so others will have to help you out
here.

Kolos
___________________________________________________________________________
Sent via: Wireshark-users mailing list <wireshark-users@wireshark.org>
Archives: http://www.wireshark.org/lists/wireshark-users
Unsubscribe: https://wireshark.org/mailman/options/wireshark-users
             mailto:wireshark-users-request@wireshark.org?subject=unsubscribe