In August of 2018, the Internet Engineering Task Force (IETF) moved Transport Layer Security (TLS) Version 1.3 to RFC 8446. In the world of networking standards, this means it has been properly vetted by the community and is officially ready for showtime on clients and servers. About these captures We're able to look at TLS 1.3 handshakes thanks to support for the protocol in tshark 2.6. CloudShark 3.5 and later versions have support for TLS 1. Keep reading

cURL 7.56.0 includes support for saving a keylog file when browsing a secured site. You can use this file in CloudShark to decrypt HTTPS data for easier analysis. Keep reading

How can you intercept SSL traffic over HTTPS? Keep reading

CloudShark 2.5 includes the ability to decrypt SSL streams using captured key log data. How do key logs work? Keep reading

As many are aware (as it’s now become national news), a vulnerability was recently discovered in OpenSSL dubbed Heartbleed. The attack centers around the implementation of the Heartbeat extension in OpenSSL which causes a server to return the contents of memory that should be protected. This blogpost by Troy Hunt describes the vulnerability in detail: Everything you need to know about the Heartbleed SSL bug. Being packet geeks, naturally we wanted to get a capture of the Heartbleed attack in action. Keep reading

One of CloudShark’s most unique features is SSL stream viewing and rsa key management. Watch video on YouTube What do you do when you have certificates that you need to distribute to your team to look at encrypted data? How do you troubleshoot encrypted network traffic without having to give users access to your keys on their local machines? CloudShark contains a unique key management system in addition to its packet capture repository. Keep reading

If you don’t already know, one of CloudShark’s main features is the ability to manage RSA keys and allow those keys to be used to decrypt SSL traffic, allowing users to view encrypted data without ever having to give out your RSA keys. But what about other types of encryption? We were recently approached about support for Kerberos in CloudShark captures. CloudShark can actually support the decryption of Kerberos encrypted data using the Wireshark preferences file that we showed you before for fixing your RTP decode settings. Keep reading