How to verify SSL prototol packets from Wireshark monitoring?

[lowoodz]

Hi, I am a newbie at network traffic analysis, I tried to verify ssl protocol by filtering packets from Wireshark monitoring. The display filter I use is "ssl", but I found that all packets in the pcap file are ignored totally. How can I get some pcab files for this? Thank you for advance!

[salcock]

Hi,

This is probably something that makes more sense to try and resolve over email -- send me an email at salcock@waikato.ac.nz and I'll try and help you from there.

It'll help if you can provide me with a copy of the pcap that you are trying to use. If the pcap is particularly large, you can use the frame.number < 1000 to remove all but the first 1000 packets. Then use the "Export Specified Packets" option in the File menu to create a new pcap file with just those packets and send that through instead.

[lowoodz]

@salcock Hi, I have sent you an email with the 2 pcap files I used to verify SSL protocol. Thank you so much!