Questions tagged [deep-packet-inspection]

14 questions
8
votes
1 answer

Disabling HSTS for managed browsers

What are my options for disabling HSTS both for new sites and for those sites baked into the browser? The use of HTTPS inspection inherently changes the thumbprint of a site by acting as a man in the middle; visiting a site previously visited…
Tim Brigham
5
votes
0 answers

Clarification regarding Deep Packet Inspection in the Linux Kernel's Netfilter section

The Linux Kernel provides Netfilter as a mechanism for both NAT and firewall functionality. Both of those functionalities require analysis and classification of incoming packets, which is dubbed "stateful packet inspection". For most traffic,…
tomboy64
4
votes
4 answers

Capture network traffic of a single application?

I am looking for a method / hack / kernel module to capture network traffic of a PID and all its forks / child processes. I have a Firefox application that opens some web pages and starts to stream stuff with flash streaming, wmv, or any other…
Maxim Veksler
3
votes
1 answer

Suggestions on how to capture network connections/traffic for determining browser/SSL versions?

Note that I posted this Q to the StackExchange InfoSec site, but it's not as populated as ServerFault and this is more on the technical side of network collection for web services. I've started thinking about how to approach analyzing my network…
1
vote
0 answers

TLS websocket proxy with deep packet inspection/traffic logging

I have a very specific scenario in which machines (IoT) are communicating with a central server over websockets. I need to inspect the websockets traffic (wss/tls) for audit and monitoring reasons (especially troubleshooting). We can't do it on the…
Kitano
1
vote
0 answers

altering packet content of forwarded packets with nft or iptables using queues

I need to create a moderately large application that changes the content of forwarded packets quite drastically. I was wondering whether or not I could alter the content of a packet that is intended for routing (kind of performing a man in the…
Archop
1
vote
3 answers

Does it make sense to augment WAF (Web Application Firewall) with an IPS (Intrusion Prevention System)?

Following scenario: Web application, only HTTP/S traffic. Firewall in place to only allow traffic on port 80/443 in. WAF is in place, set to deny malicious traffic. Question: Is there any added value in this scenario to also have an IPS / Deep…
0
votes
1 answer

Chrome google certificate with deep inspection

I enabled deep inspection on my firewall for HTTPS connections using a company root CA. It is working well for all sites and browsers, but I found a strange behaviour in Google Chrome. When I open the Google site using Chrome, the certificate is still…
Tobia
0
votes
1 answer

Is it possible to obtain a list of https hosts that users have visited from a Sonicwall before DPI-SSL is implemented?

The reason I ask is that if one could do this, one could use the logs to find a list of https sites to whitelist by counting the number of visits prior to implementation. But something tells me that this isn't the case given the fact…
leeand00
0
votes
1 answer

Skype Group Chat in a secured location?

When working in a secured location - some place that uses HTTPS inspection for the firewall, possibly application level filtering, etc - how do you get Group Chat to work correctly in Skype? Adding skype.com / pipe.skype.com to the HTTPS inspection…
Tim Brigham
0
votes
1 answer

How to get protocol signatures?

Does anyone know how can we get signatures for various protocols e.g. BGP, DHCP, VxLAN etc? By signatures, I actually mean the pattern (e.g. something like 0x234557888) used for pattern-matching in a Deep-Packet Inspection engine. I want to write a…
0
votes
1 answer

Content-based packet filtering proxy

I want to set up a proxy server, which upon getting specific pattern in HTTP response body (a 403 Forbidden, with some special content), reroutes the packet some other way (through another proxy, for example). Which proxy servers may be used? And…
semekh
0
votes
1 answer

Deep Packet Inspection

Recently it came to my attention that some of the users might be abusing our platform, not conforming to our rules. Basically what we run is a platform for students by students. We sell shell accounts and VPS for ultra low prices (e.g. 15 euro for 1 year…
Lucas Kauffman
-3
votes
2 answers

What is the reason to use SSL on websites if it can be decrypted easily?

Since SSL can be decrypted easily using a basic man in the middle node, what's the reason to continue using it? Don't most ISPs decrypt on a daily basis using Deep Packet Inspection? And isn't it possible to put a MITM node at any hop along the…
Matt B