Network engineers, SysAdmins, and Website Administrators can all benefit from a better understanding of the operation of TLS (more commonly called SSL). TLS uses multiple encryption protocols to operate, and negates between many different suites of encryption protocols, called cipher suites. In this course, Troubleshooting with Wireshark: Analyzing and Decrypting TLS Traffic in Wireshark (Using HTTPs), you will learn the most secure versions of TLS implementations and ciphers suites, as well as how to identify less than optimal TLS Versions and ciphers in Wireshark. Additionally, you will learn how to capture the session keys in Windows and use the session key to decrypt traffic and extract websites from an encrypted session. By the end of this course, you will have gained better understanding and new methods for troubleshooting with Wireshark.
Course Overview Hi everyone, my name is Ross Bagurdes, and welcome to my course Troubleshooting with Wireshark: Analyzing and Decrypting TLS Traffic. I'm a network engineer with 20 years' experience in IT, supporting enterprise networks and teaching people about them. If you're a techy like me, you're probably curious about TLS encryption or SSL, as it's commonly referred, actually works. Searching Google will typically result in sparse information about TLS encryption, often leading you to false or incomplete information about its operation. In this course, I aim to enhance your understanding of TLS operation by describing the encryption protocols or cipher suites used by TLS. We'll use Wireshark to capture and describe the TLS handshake process, identifying where our encrypted communication begins in TLS. We'll learn how to identify insecure implementations of SSL or TLS, including the use of weak cipher suites. By the end of this course, you'll be able to identify strong and weak implementations of TLS and capture the session keys on your local workstation to decrypt TLS sessions in Wireshark. Before beginning this course, you should be familiar with capturing traffic in Wireshark, the TCP three-way handshake process, and a basic understanding of HTTP communication. I hope you'll join me on this journey to learn about troubleshooting TLS traffic with Wireshark in the Troubleshooting with Wireshark: Analyzing and Decrypting TLS Traffic course at Pluralsight.