Wireshark mailing list archives
Re: dissecting HTTPS traffic
From: Patrick Klos <patrick () klos com>
Date: Fri, 9 Oct 2015 19:26:31 -0400
On 10/9/2015 7:12 PM, Noam Birnbaum wrote:
Hey folks,One of our clients has recently been having their WAN bandwidth eaten up, and we've narrowed it down to one executive's computer.Now we want to dissect that computer's traffic to see what it's doing. However, much of it is HTTPS, so we can't see the content. Any suggestions on getting a useful analysis?Thanks!
I would start by analyzing the locations of the IP addresses that the connections are going to. Have you run a virus scan on the computer in question?
Patrick
___________________________________________________________________________ Sent via: Wireshark-users mailing list <wireshark-users () wireshark org> Archives: https://www.wireshark.org/lists/wireshark-users Unsubscribe: https://wireshark.org/mailman/options/wireshark-users mailto:wireshark-users-request () wireshark org?subject=unsubscribe
Current thread:
- dissecting HTTPS traffic Noam Birnbaum (Oct 09)
- Re: dissecting HTTPS traffic Patrick Klos (Oct 09)
- Re: dissecting HTTPS traffic Mark Semkiw (Oct 12)
- Re: dissecting HTTPS traffic Noam Birnbaum (Oct 12)
- Re: dissecting HTTPS traffic Hugo van der Kooij (Oct 13)
- Re: dissecting HTTPS traffic Larry Rogers (Oct 13)
- Re: dissecting HTTPS traffic Mark Semkiw (Oct 13)
- Re: dissecting HTTPS traffic Noam Birnbaum (Oct 13)
- Re: dissecting HTTPS traffic Mark Semkiw (Oct 14)
- Re: dissecting HTTPS traffic gedropi (Oct 14)
- Re: dissecting HTTPS traffic Mark Semkiw (Oct 14)
- Re: dissecting HTTPS traffic miro . rovis (Oct 15)
- Re: dissecting HTTPS traffic Noam Birnbaum (Oct 12)