I have to analyze SSL encryption in my test network and want to prove the transported data is encrypted. What methods can I use to prove encryption is in place?
Asked
Active
Viewed 323 times
0
-
2For beginners, Wireshark is great for network analysis of any sort. http://Wireshark.org – Henning Klevjer Oct 16 '12 at 19:43
2 Answers
1
If you just want to see that a SSL handshake occurs, just use a network monitor tool, like the aptly named Network Monitor from Microsoft. It will show you the details of the SSL handshake (see this answer for some details on the SSL handshake). Of course, at some point, data encryption begins, and you will then only see "encrypted application data", which is what you wanted.
Thomas Pornin
- 320,799
- 57
- 780
- 949
1
Another tool that will help ensure that you have correctly setup your SSL option is sslyze (Available here) which will test your configuration to ensure that you are using the best encryption algorithms available and that you do not allow re-negotiation to weaker algorithms, thereby negating all the hard work of checking that you are encrypting data in the first place.
Colin Cassidy
- 1,880
- 11
- 19
-
1Agreed. I always think it's best to use a different vendor's product when testing something. That way one vendor can't report something is OK based only on their own internal ideas about correctness. Involving an independent tool gives some assurance that the published standard is being met. – John Deters Oct 16 '12 at 19:41