ssldump/README

# Old original README file from SSLDUMP 0.9b3 and probably outdated
$Id: README,v 1.9 2002/08/17 01:33:15 ekr Exp $

SSLDUMP 0.9b3

ssldump is an SSLv3/TLS network protocol analyzer. It identifies TCP
connections on the chosen network interface and attempts to interpret
them as SSLv3/TLS traffic. When it identifies SSLv3/TLS traffic, it
decodes the records and displays them in a textual form to stdout. If
provided with the appropriate keying material, it will also decrypt
the connections and display the application data traffic.
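
The record-level decoding described above, as an added example that is
not part of the original README or of ssldump's source. It walks one
direction of an already reassembled TCP stream using the record header
from RFC 2246; the function names, sample bytes and output format are
assumptions made for illustration.

```c
#include <stdint.h>
#include <stdio.h>

/* Record header, RFC 2246 section 6.2.1: type(1) version(2) length(2). */
enum { REC_HDR_LEN = 5, REC_MAX_LEN = 16384 + 2048 };

/* Constructed sample: two complete records, then one cut off mid-fragment. */
static const uint8_t sample[] = {
    22, 3, 1, 0, 4, 14, 0, 0, 0, /* Handshake, TLS 1.0: ServerHelloDone */
    20, 3, 1, 0, 1, 1,           /* ChangeCipherSpec */
    23, 3, 1, 0, 32, 0xaa, 0xbb  /* application_data: 32 declared, 2 present */
};

static const char *content_type_name(uint8_t t) {
    switch (t) {
    case 20: return "ChangeCipherSpec";
    case 21: return "Alert";
    case 22: return "Handshake";
    case 23: return "application_data";
    default: return NULL;
    }
}

/* Prints each complete record in buf and returns how many were found, or -1
 * if the bytes are not SSLv3/TLS. On success *consumed is the number of bytes
 * decoded, so the caller can keep the tail until the next segment arrives. */
int decode_records(const uint8_t *buf, size_t len, size_t *consumed) {
    size_t off = 0;
    int n = 0;
    while (len - off >= REC_HDR_LEN) {
        const uint8_t *h = buf + off;
        const char *name = content_type_name(h[0]);
        size_t rlen = ((size_t)h[3] << 8) | h[4];
        if (name == NULL || h[1] != 3 || rlen > REC_MAX_LEN)
            return -1; /* major version 3 = SSLv3 (3.0) or TLS 1.0 (3.1) */
        if (len - off - REC_HDR_LEN < rlen)
            break; /* fragment continues in a later TCP segment */
        printf("%d %s version %u.%u length %zu\n", ++n, name, (unsigned)h[1], (unsigned)h[2], rlen);
        off += REC_HDR_LEN + rlen;
    }
    *consumed = off;
    return n;
}

int main(void) {
    size_t used = 0;
    printf("records: %d\n", decode_records(sample, sizeof sample, &used));
    return 0;
}
```
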

ssldump depends on the libpcap packet capture library. Some systems
(e.g. FreeBSD) now have libpcap as part of their standard install. On
other systems, you will need to install it. You can obtain the
distribution from:

    http://www.tcpdump.org/

If linked with OpenSSL, ssldump can display certificates in decoded
form and decrypt traffic (provided that it has the appropriate keying
material). Again, OpenSSL may be installed on your system. Otherwise
you can obtain it from:

    http://www.openssl.org/

See the file INSTALL for instructions on building and installing
ssldump.

STABILITY

This is a beta release of ssldump. The UNIX portions have received
extensive testing and are believed to be quite solid. The Windows
port is substantially less stable.

CHANGES SINCE 0.9b2

Security fix: some potential overflows and underflows.
Added support for VLANs.
Added -P flag to disable promiscuous mode.
Fixed bugs in the TCP reassembly code.
A lot of bug fixes.

See the ChangeLog for a more complete list of changes.

MAILING LIST

For support questions and general discussion on ssldump, please
subscribe to the ssldump-users mailing list. Subscription is by
majordomo. To subscribe, send a message with no subject and a body
consisting of the single line:

    subscribe ssldump-users

to majordomo@rtfm.com. Note, you cannot send messages to the list
unless you are subscribed.

BUG REPORTS

Please send bug reports either to the ssldump-users mailing list
or to ssldump@rtfm.com.

INTEROPERABILITY NOTE

Previous versions of ssldump automatically looked for the keyfile
in 'server.pem' and used the password 'password'. This version
removes those defaults. For decryption to work you MUST specify
the keyfile (and the password, if the keyfile is encrypted).

NEW VERSIONS

Newer versions of ssldump can be found at:

    http://www.rtfm.com/ssldump/

SSL REFERENCES

The SSLv3 specification can be found at:

    http://home.netscape.com/eng/ssl3/draft302.txt

The TLS specification is in RFC 2246 and can be found at:

    http://www.ietf.org/rfc/rfc2246.txt

SHAMELESS PLUG

Extremely detailed coverage of SSL/TLS can be found in

    _SSL_and_TLS:_Designing_and_Building_Secure_Systems_
    Eric Rescorla
    Addison-Wesley, 2001
    ISBN 0-201-61598-3

_SSL_and_TLS_ makes extensive use of ssldump to demonstrate real-life
SSL behavior. If you like ssldump and want to learn about SSL, you
might consider buying my book.