ssldump

Question 1

SSL Negotiation

Answer 1

Client Hello
Server Hello
Certificate
ServerHelloDone
ClientKeyExchange
???

Question 2

ssldump -a

Answer 2

print bare TCP ACKs (useful for observing Nagle behavior)

Question 3

ssldump -A

Answer 3

print all record fields (by default ssldump chooses the most interesting fields)

Question 4

ssldump -d

Answer 4

display the application data traffic. This usually means decrypting it

Question 5

ssldump -e

Answer 5

print absolute timestamps instead of relative timestamps

Question 6

ssldump -k

Answer 6

use keyfile as the location of the SSL keyfile

Question 6

ssldump -H

Answer 6

print the full SSL packet header

Question 8

ssldump -M

Answer 8

will create pmsfile to write the PreMaster Secret lookup file

Question 9

ssldump -N

Answer 9

attempt to parse ASN.1 when it appears, such as in certificates and DNs

Question 10

ssldump -n

Answer 10

don’t try to resolve host names from IP addresses

Question 11

ssldump -P

Answer 11

don’t put the interface into promiscuous mode

Question 12

ssldump -p

Answer 12

specify password for SSL keyfile

Question 13

ssldump -q

Answer 13

don’t decode any record fields beyond a single summary line. (quiet mode)

Question 14

ssldump -r

Answer 14

read data from file instead of from the network

Question 15

ssldump -x

Answer 15

print each record in hex, as well as decoding it

Question 16

ssldump -X

Answer 16

used with -d swich, suppresses the display of the printable characters

Question 17

ssldump -y

Answer 17

decorate the output for processing with troff. Not very useful for the average user