183
edits
TLS module: Difference between revisions
m
Link for IP column details
No edit summary |
m (Link for IP column details) |
||
| Line 18: | Line 18: | ||
The web page of the SSL module uses three tabs for showing all available information. At the top of the page, you will find a button which links to this documentation and a thrashcan button to clear all the statistics. | The web page of the SSL module uses three tabs for showing all available information. At the top of the page, you will find a button which links to this documentation and a thrashcan button to clear all the statistics. | ||
| Line 25: | Line 26: | ||
The table of IP addresses contains a search bar where you can enter an IP address or string which is matched against all name fields. This makes it possible to search for a specific IP or to find all IP addresses involved for a given certificate name. | The table of IP addresses contains a search bar where you can enter an IP address or string which is matched against all name fields. This makes it possible to search for a specific IP or to find all IP addresses involved for a given certificate name. | ||
The columns are as follows: | The columns are as follows: | ||
* IP address: This is the IP address for which SSL information has been seen. Clicking on it will lead to the IP module page of the same IP address. | * IP address: This is the IP address for which SSL information has been seen. Clicking on it will lead to the IP module page of the same IP address. | ||
* Country: The country code for the corresponding IP. | * Country: The country code for the corresponding IP. | ||
| Line 33: | Line 32: | ||
* Common name: Similar to the server name, the common names of all seen certificates are listed here, which have been returned by the server. | * Common name: Similar to the server name, the common names of all seen certificates are listed here, which have been returned by the server. | ||
* Capture: The capture button allows to directly capture traffic for the corresponding IP address. | * Capture: The capture button allows to directly capture traffic for the corresponding IP address. | ||
| Line 38: | Line 38: | ||
The second tabs shows the top list of all accessed SSL servers, showing the most accessed server first. The list contains the number of requestes, the IP (with a link to main server list filtered for that IP), the country of that IP, and alternative names known for this IP. | The second tabs shows the top list of all accessed SSL servers, showing the most accessed server first. The list contains the number of requestes, the IP (with a link to main server list filtered for that IP), the country of that IP, and alternative names known for this IP. | ||
| Line 56: | Line 57: | ||
Below the global statistics there are two graphs for historical data for handshake and SSL data responses. | Below the global statistics there are two graphs for historical data for handshake and SSL data responses. | ||
The data points are the average response time in the given time window (depending on the zoom level), and the top and bottom line shows the maximum and minimum response time in that time frame. | The data points are the average response time in the given time window (depending on the zoom level), and the top and bottom line shows the maximum and minimum response time in that time frame. | ||
Below the graphs there is the list of all HTTP servers with the following columns: | Below the graphs there is the list of all HTTP servers with the following columns: | ||
| Line 78: | Line 78: | ||
This tab shows all server negotiated SSL/TLS cipher suites in a table. Per cipher suite the name, number of SSL server hellos (which contains the cipher suite negotiation) and a graph with server hellos over time are shown. | This tab shows all server negotiated SSL/TLS cipher suites in a table. Per cipher suite the name, number of SSL server hellos (which contains the cipher suite negotiation) and a graph with server hellos over time are shown. | ||
By click on a cipher suite a detail page is shown with a table of all IPs that used this cipher suite in a SSL connection either as server or client. A graph shows the server hellos having that IP as either source or destination over time. | By click on a cipher suite a detail page is shown with a table of [[Common table columns#IP|all IPs]] that used this cipher suite in a SSL connection either as server or client. A graph shows the server hellos having that IP as either source or destination over time. | ||
When clicking on an IP address the connection tab of that particular IP address is shown with a preset filter of SSL connections with that cipher suite to allow further investigation. | When clicking on an IP address the connection tab of that particular IP address is shown with a preset filter of SSL connections with that cipher suite to allow further investigation. | ||