I'm tracing three IP addresses. Address A and Address B communicate with each other using HTTPS. Address C and B communicate with each other using raw packets that are encrypted using the same certificate as the other two. Address A and C are servers. My question is, when I configure Wireshark for SSL packets using the "SSL Decrypt Edit" form, what do I enter in the "protocol" field to trace hex data? asked 14 Sep '12, 16:28  tcoder |
One Answer:
You can enter "data" as protocol, this will make Wireshark not interpret the decrypted data as any protocol, but it will just be shown as "data". answered 14 Sep '12, 23:46  SYN-bit ♦♦ |
Thanks! Just what I needed.