| 1 |
> |
| 2 |
> > As far as CLI tools go, sorry, I'm not sure what's available. Never had |
| 3 |
> > a need to look into those. |
| 4 |
> |
| 5 |
|
| 6 |
tcpdump is the most common CLI tool. Handy if you want to capture to a file |
| 7 |
on a unix based firewall or F5 etc so you can then view it in Wireshark on |
| 8 |
your workstation. |
| 9 |
|
| 10 |
|
| 11 |
> So Wireshark is a GUI tool? |
| 12 |
> |
| 13 |
|
| 14 |
Yes. |
| 15 |
|
| 16 |
It has crypto decode for SSL if you have the private key, so it might also |
| 17 |
be possible to have it decode WPA since you have the key - RTFM to find out |
| 18 |
for sure. Depending on how the crypto works you may need to have captured |
| 19 |
the beginning of the crypto setup to be able to decode, as that's where the |
| 20 |
session key will be exchanged. Cant remember if WPA does that or not. |
Archives