This is our old Q&A Site. Please post any new questions and answers at ask.wireshark.org.

One of our servers is sending out a bunch of calls to a specific ip address. I know it is via https and I know the call is getUserAccount. I have captured packets via wireshark on all of the suspected servers but my question is:

How do I / What is the most efficient way to find the specific info my server is sending to this particular IP?

I have filtered by ssl and analyzed ssl stream but it still looks unintelligable.

Thanks!

asked 14 Mar '11, 10:33

Khepf's gravatar image

Khepf
1111
accept rate: 0%


How do you know the 'call' is getUserAccount if it is via HTTPS ?

permanent link

answered 14 Mar '11, 20:04

vivekrj's gravatar image

vivekrj
1
accept rate: 0%

Your answer
toggle preview

Follow this question

By Email:

Once you sign in you will be able to subscribe for any updates here

By RSS:

Answers

Answers and Comments

Markdown Basics

  • *italic* or _italic_
  • **bold** or __bold__
  • link:[text](http://url.com/ "title")
  • image?![alt text](/path/img.jpg "title")
  • numbered list: 1. Foo 2. Bar
  • to add a line break simply add two spaces to where you would like the new line to be.
  • basic HTML tags are also supported

Question tags:

×20

question asked: 14 Mar '11, 10:33

question was seen: 3,428 times

last updated: 14 Mar '11, 20:04

p​o​w​e​r​e​d by O​S​Q​A