meapledoo
asked on
Linux HTTP Trace / Protocol Analysis
In Windows there are a number of tools that allow you to trace HTTP and HTTPS requests and responses - viewing headers, POST data, etc. One of my favorite tools for this is called HTTPAnalyzer.
When using Linux it seems that my options are limited to either using Wireshark to capture port 80 traffic (which is limited because it is unable to decode HTTPS content) or using Firebug or LiveHTTPHeaders inside of Firefox
Are there any applications for Linux that allow you to trace HTTP / HTTPS traffic?
When using Linux it seems that my options are limited to either using Wireshark to capture port 80 traffic (which is limited because it is unable to decode HTTPS content) or using Firebug or LiveHTTPHeaders inside of Firefox
Are there any applications for Linux that allow you to trace HTTP / HTTPS traffic?
Last Comment
ASKER
Hi nognew.
tcpdump has the same limitation as Wireshark. I can trace packets and filter by port 80/443 but the HTTPS traffic cannot be decrypted for analysis.
tcpdump has the same limitation as Wireshark. I can trace packets and filter by port 80/443 but the HTTPS traffic cannot be decrypted for analysis.
i'm not really familiar with windows tools. How they allow you to decrypt https traffic? Are you providing them with certificate somehow?
t.
t.
I read about HTTPAnalyzer now and basically answered question I have asked above. You can set up wireshark to do the same. Although the procedure a might look a bit tricky.
Here are the step by step guide how to do that:
http://www.routerzone.eu/wiki/index.php/Using_Wireshark_to_Decrypt_SSL/TLS_Packet_Data
Regards,
t.
Here are the step by step guide how to do that:
http://www.routerzone.eu/wiki/index.php/Using_Wireshark_to_Decrypt_SSL/TLS_Packet_Data
Regards,
t.
ASKER
Hi nognew,
That isn't an acceptable solution since you need to have the private key from the web server in order to decrypt the content. HTTPAnalyzer and similar tools inspect the traffic within the winsock layer - after the decryption occurs. I need a tool that does the same thing, which is why a network packet sniffer is not suitable for my needs.
Thanks.
That isn't an acceptable solution since you need to have the private key from the web server in order to decrypt the content. HTTPAnalyzer and similar tools inspect the traffic within the winsock layer - after the decryption occurs. I need a tool that does the same thing, which is why a network packet sniffer is not suitable for my needs.
Thanks.
correct, it seems you need a plugin for Firefox that can show you header etc.
How about Firebug?
I use it a lot to debug AJAX code. You can see packets in console mode.
https://addons.mozilla.org/en-US/firefox/addon/1843
Regards,
t.
How about Firebug?
I use it a lot to debug AJAX code. You can see packets in console mode.
https://addons.mozilla.org/en-US/firefox/addon/1843
Regards,
t.
ASKER
Thanks nognew.
I'm aware of Firebug and mentioned it in my question. I need a standalone application that can capture and log HTTP/HTTPS traffic from any application, not just Firefox.
I'm aware of Firebug and mentioned it in my question. I need a standalone application that can capture and log HTTP/HTTPS traffic from any application, not just Firefox.
ASKER CERTIFIED SOLUTION
THIS SOLUTION IS ONLY AVAILABLE TO MEMBERS.
View this solution by signing up for a free trial.
Members can start a 7-Day free trial and enjoy unlimited access to the platform.
SOLUTION
THIS SOLUTION IS ONLY AVAILABLE TO MEMBERS.
View this solution by signing up for a free trial.
Members can start a 7-Day free trial and enjoy unlimited access to the platform.
ASKER
Hi Nopius,
I'll agree with you that there is no available tool and will split the points between you and nognew. Thanks for both of your time.
Oh - and the goal is most certainly not an illegal one and I'm offended by the accusation. If you look at tools such as Firebug, HTTP Analyzer, etc - they trace HTTP and HTTPs interactions between the client and web server and allow a developer/analyst to inspect the traffic. There is absolutely nothing illegal about that. My goal was simply to find out whether such an application exists for a linux os.
I'll agree with you that there is no available tool and will split the points between you and nognew. Thanks for both of your time.
Oh - and the goal is most certainly not an illegal one and I'm offended by the accusation. If you look at tools such as Firebug, HTTP Analyzer, etc - they trace HTTP and HTTPs interactions between the client and web server and allow a developer/analyst to inspect the traffic. There is absolutely nothing illegal about that. My goal was simply to find out whether such an application exists for a linux os.
Linux Networking
The variety of Linux distributions creates myriad issues relating to configuration and operations when computers are networked, not the least of which is the use of various network management applications, some of which are included with specific distributions, while others are standalone applications.
19K
Questions
--
Followers
--
Top Experts
Get a personalized solution from industry experts
TRUSTED BY
perhaps tcpdump is quite useful utility.
Regards,
t.