Packet Tuesday - TLS Client Hello

Channel:
United States SANS Cyber Defense
Subscribers:
23,600
Published on ● Video Link: https://www.youtube.com/watch?v=9LJhMG1TrbA


Duration: 42:37
1,263 views
41

In this episode of Packet Tuesday we analyze TLS Client Hello.

Each Tuesday Dr. Johannes Ullrich will cover a specific network feature by analyzing a packet to help you better understand networks and network traffic.

Notes:
SEC503 Network Monitoring and Threat Detection In-Depth: https://www.sans.org/u/1obN

RFCs:
TLS 1.2: https://www.rfc-editor.org/rfc/rfc5246.html
TLS 1.3: https://www.rfc-editor.org/rfc/rfc8446.html
Extended Master Secret: https://www.rfc-editor.org/rfc/rfc7627
Renegotiation Indication Extension: https://www.ietf.org/rfc/rfc5746.txt
Aplication Layer Protocol Settings: https://datatracker.ietf.org/doc/html/draft-vvv-tls-alps-01

Packet: https://packettuesday.com/pcaps/tlsclienthello.pcap



Other Videos By SANS Cyber Defense


2023-01-26AI, Data Science, and Machine Learning Training for Cybersecurity Professionals with SANS SEC595
2023-01-24Packet Tuesday - IPv6 Neighbor Discovery
2023-01-17Packet Tuesday - IPv6 Router Advertisements
2023-01-11Network Monitoring Training with SEC503 Network Monitoring and Threat Detection In-Depth
2023-01-10Packet Tuesday - NTP
2023-01-03Packet Tuesday - IP Options
2022-12-20Packet Tuesday - TLS Server Hello
2022-12-13Packet Tuesday - FreeBSD Ping Vulnerability
2022-12-08Baby Steps to the Future: Evolving into the Next-Gen SOC
2022-12-07Don't Relay Me: Empirically Diagnose Privilege Escalation via Active Directory Account Sighting
2022-12-06Packet Tuesday - TLS Client Hello
2022-12-05IR Prep and Detection Engineering When the Cloud is Your Data Center
2022-12-02Prioritizing Defensive Capabilities
2022-12-01Once Upon a Login: How Logon Sessions Help Defenders See the Bigger Picture
2022-11-30Designing Security from the Ground Up
2022-11-29Packet Tuesday - TCP Urgent Flag
2022-11-28A Deep Dive into AWS IAM Privilege Escalation Attacks: Defenders’ Edition 2022
2022-11-23Responding to Advanced Adversaries
2022-11-22Packet Tuesday - EDNS Option Type 0
2022-11-21Enabling Defenders to Conduct Incident Response Investigations with Open-Source Tools
2022-11-18Dispatch from the SOC


Tags:
cyber defense
cyber defenders
packet tuesday
packet capture
packet analysis
packet capture analysis
dr johannes ullrich
johannes ullrich
johannes ullrich cybersecurity
tls
tls client hello
tls client
network traffic analysis
network traffic
traffic analysis
encyrption
asymmetric encryption