Wireshark mailing list archives
Re: TDS : TLS Exchange
From: Craig Jackson <cejackson51 () gmail com>
Date: Fri, 14 Aug 2020 12:28:38 -0400
I had thought about trying to decode that, but all of the test traces I had were proprietary. I'm hoping that the TDS isn't decodable (without other key information) but the TLS exchange should be. It requires knowing more about TLS. :-) Craig On Fri, Aug 14, 2020 at 10:31 AM Graham Bloice <graham.bloice () trihedral com> wrote:
Yep, that's what's happening, see here: https://docs.microsoft.com/en-us/openspecs/windows_protocols/ms-tds/60f56408-0188-4cd5-8b90-25c6f2423868, somewhat similar to the STARTTLS behaviour in SMTP for example. There's currently no code in the TDS dissector to hand-off to the TLS dissector. On Fri, 14 Aug 2020 at 14:50, nalini.elkins () insidethestack com < nalini.elkins () insidethestack com> wrote:Hello List, I have a trace from a Microsoft SQL server using TDS. Tabular Data Stream <https://en.wikipedia.org/wiki/Tabular_Data_Stream> Tabular Data Stream During the early development of Sybase SQL Server, the developers at Sybase perceived the lack of a commonly acc... <https://en.wikipedia.org/wiki/Tabular_Data_Stream> It looks like the first part of it is the TLS exchange. I am attaching trace. Any thoughts on a potential breakout of this? If I decode as TLS, then the application data packets appear to decode fine but not the TLS handshake. Thoughts? Nalini Elkins ___________________________________________________________________________ Sent via: Wireshark-dev mailing list <wireshark-dev () wireshark org> Archives: https://www.wireshark.org/lists/wireshark-dev Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-dev mailto:wireshark-dev-request () wireshark org ?subject=unsubscribe-- Graham Bloice Software Developer Trihedral UK Limited ___________________________________________________________________________ Sent via: Wireshark-dev mailing list <wireshark-dev () wireshark org> Archives: https://www.wireshark.org/lists/wireshark-dev Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-dev mailto:wireshark-dev-request () wireshark org ?subject=unsubscribe
___________________________________________________________________________ Sent via: Wireshark-dev mailing list <wireshark-dev () wireshark org> Archives: https://www.wireshark.org/lists/wireshark-dev Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-dev mailto:wireshark-dev-request () wireshark org?subject=unsubscribe
Current thread:
- TDS : TLS Exchange nalini.elkins () insidethestack com (Aug 14)
- Re: TDS : TLS Exchange Graham Bloice (Aug 14)
- Re: TDS : TLS Exchange Craig Jackson (Aug 14)
- Re: TDS : TLS Exchange Graham Bloice (Aug 14)