Wireshark: Difference between revisions
Content added Content deleted
Line 52: | Line 52: | ||
|} |
|} |
||
<br /> |
<br /> |
||
* SSL Traffic Filters |
|||
Client Hello: |
|||
ssl.handshake.type == 1 |
|||
Server Hello: |
|||
ssl.handshake.type == 2 |
|||
NewSessionTicket: |
|||
ssl.handshake.type == 4 |
|||
Certificate: |
|||
ssl.handshake.type == 11 |
|||
CertificateRequest |
|||
ssl.handshake.type == 13 |
|||
ServerHelloDone: |
|||
ssl.handshake.type == 14 |
|||
Note: “ServerHellpDone” means full-handshake TLS session. |
|||
Cipher Suites: |
|||
ssl.handshake.ciphersuite |
|||
SSL handshake message types: |
|||
0 HelloRequest |
|||
1 ClientHello |
|||
2 ServerHello |
|||
4 NewSessionTicket |
|||
8 EncryptedExtensions (TLS 1.3 only) |
|||
11 Certificate |
|||
12 ServerKeyExchange |
|||
13 CertificateRequest |
|||
14 ServerHelloDone |
|||
15 CertificateVerify |
|||
16 ClientKeyExchange |
|||
20 Finished |
|||
== Wireshark Column Filters == |
== Wireshark Column Filters == |