Forum Discussion
nitass
Jan 16, 2012Employee
have you captured packet? was there anything suspicious there?
e.g.
tcpdump -nni 0.0:nnn -s0 -w /var/tmp/output.pcap host x.x.x.x or host y.y.y.y
x.x.x.x is virtual ip
y.y.y.y is pool member ip
ssldump -Aed -nr /var/tmp/output.pcap -k /config/ssl/ssl.key/zzzz.key
zzzz.key is private key file
you are able to decrypt ssl traffic in wireshark.
Decrypting SSL traffic with Wireshark, and ways to prevent it
http://wirewatcher.wordpress.com/20...revent-it/