Course info
Oct 9, 2017
1h 25m

Network engineers, SysAdmins, and Website Administrators can all benefit from a better understanding of the operation of TLS (more commonly called SSL).

TLS uses multiple encryption protocols to operate, and negates between many different suites of encryption protocols, called cipher suites.

In this course, Troubleshooting with Wireshark: Analyzing and Decrypting TLS Traffic in Wireshark (Using HTTPs), you will learn:

  • The most secure versions of TLS implementations and ciphers suites
  • How to identify less than optimal TLS Versions and ciphers in Wireshark
  • How to capture the session keys in Windows
  • How to use the session key to decrypt traffic and extract websites from an encrypted session
By the end of this course, you will have gained better understanding and new methods for troubleshooting with Wireshark.

About the author
About the author

For nearly 20 years, Ross has taught and managed data networks.

More from the author
Building Hardware Labs for CCNA Study
4h 11m
Apr 29, 2020
More courses by Ross Bagurdes
Section Introduction Transcripts
Section Introduction Transcripts

Course Overview
Hi everyone, my name is Ross Bagurdes, and welcome to my course Troubleshooting with Wireshark: Analyzing and Decrypting TLS Traffic. I'm a network engineer with 20 years' experience in IT, supporting enterprise networks and teaching people about them. If you're a techy like me, you're probably curious about TLS encryption or SSL, as it's commonly referred, actually works. Searching Google will typically result in sparse information about TLS encryption, often leading you to false or incomplete information about its operation. In this course, I aim to enhance your understanding of TLS operation by describing the encryption protocols or cipher suites used by TLS. We'll use Wireshark to capture and describe the TLS handshake process, identifying where our encrypted communication begins in TLS. We'll learn how to identify insecure implementations of SSL or TLS, including the use of weak cipher suites. By the end of this course, you'll be able to identify strong and weak implementations of TLS and capture the session keys on your local workstation to decrypt TLS sessions in Wireshark. Before beginning this course, you should be familiar with capturing traffic in Wireshark, the TCP three-way handshake process, and a basic understanding of HTTP communication. I hope you'll join me on this journey to learn about troubleshooting TLS traffic with Wireshark in the Troubleshooting with Wireshark: Analyzing and Decrypting TLS Traffic course at Pluralsight.