[prev in list] [next in list] [prev in thread] [next in thread]
List: ntop-dev
Subject: Re: [Ntop-dev] [ntop/ntopng] : SSL url and User-agent
From: Luca Deri <deri () ntop ! org>
Date: 2016-01-27 21:16:40
Message-ID: 7705AC93-0EB3-4732-AD16-873636E8A897 () ntop ! org
[Download RAW message or body]
[Attachment #2 (multipart/alternative)]
Yes, HTTPS is encrypted
Luca
> On 27 Jan 2016, at 22:01, Manoj Mallawaarachchi <manoj_ws@yahoo.com> wrote:
>
> Http only as I understand ?
>
>
> Sent from Yahoo Mail for iPad <https://yho.com/footer0>
>
> On Wednesday, January 27, 2016, 11:52 am, Luca Deri <deri@ntop.org \
> <mailto:deri@ntop.org>> wrote:
> On 01/27/2016 02:49 AM, Manoj Mallawaarachchi wrote:
> > Dear Luca,
> >
> > I'm trying it with nDPI & nDPI reader.
>
> Manoj,
> nDPIreader can capture the host but not the URL. ntopng/nProbe can
> capture the URL
>
> Luca
> > --------------------------------------------
> > On Tue, 1/26/16, Luca Deri < <>deri@ntop.org <mailto:deri@ntop.org>> wrote:
> >
> > Subject: Re: [Ntop-dev] [ntop/ntopng] : SSL url and User-agent
> > To: <>ntop-dev@unipi.it <mailto:ntop-dev@unipi.it>, "Manoj Mallawaarachchi" < \
> > <>manoj_ws@yahoo.com <mailto:manoj_ws@yahoo.com>>
> > Date: Tuesday, January 26, 2016, 1:11 PM
> >
> > Manoj,
> > we
> > can capture URLs for HTTP but not for HTTPs. Would you like
> > to do it in ntopng or nProbe?
> >
> > Regards Luca
> >
> > > On 26 Jan 2016, at 07:09, Manoj
> > Mallawaarachchi < <>manoj_ws@yahoo.com <mailto:manoj_ws@yahoo.com>>
> > wrote:
> > >
> > > Dear
> > Luca,
> > >
> > > Thank you
> > for the quick reply. How about full URL capture. Just full
> > url only.
> > >
> > > Thank
> > you,
> > > Manoj
> > >
> > --------------------------------------------
> > > On Mon, 1/25/16, Luca Deri < <>deri@ntop.org <mailto:deri@ntop.org>>
> > wrote:
> > >
> > > Subject:
> > Re: [Ntop-dev] [ntop/ntopng] : SSL url and User-agent
> > > To: <>ntop-dev@unipi.it <mailto:ntop-dev@unipi.it>,
> > "Manoj Mallawaarachchi" < <>manoj_ws@yahoo.com <mailto:manoj_ws@yahoo.com>>
> > > Date: Monday, January 25, 2016, 1:24 PM
> > >
> > > Manoj
> > > HTTPS is encrypted and thus you cannot get
> > this
> > > info
> > >
> > > Luca
> > >
> > > On 01/24/2016 05:38 PM, Manoj
> > Mallawaarachchi
> > > wrote:
> > > > Dear All,
> > > >
> > > > Please advice
> > >
> > regarding below concern:
> > > >
> > > > I'm trying to capture full URL for
> > SSL
> > > URL to log file and corresponding
> > User-agent. I'm able
> > > get the
> > details from HTTP urls from http.c under protocols.
> > > But not able to find the way to get HTTPS
> > urls details.
> > > >
> > > > Please advice which
> > > files to look for this requirement.
> > > >
> > > > Thank in
> > advance.
> > > >
> > > >
> > BR,
> > > > Manoj M
> > > >
> > >
> > _______________________________________________
> > > > Ntop-dev mailing list
> > > >
> > > <>Ntop-dev@listgateway.unipi.it <mailto:Ntop-dev@listgateway.unipi.it>
> > > > http://listgateway.unipi.it/mailman/listinfo/ntop-dev \
> > > > <http://listgateway.unipi.it/mailman/listinfo/ntop-dev>
>
> > >
> >
> > >
> > >
> > _______________________________________________
> > > Ntop-dev mailing list
> > >
> > <>Ntop-dev@listgateway.unipi.it <mailto:Ntop-dev@listgateway.unipi.it>
> > > http://listgateway.unipi.it/mailman/listinfo/ntop-dev \
> > > <http://listgateway.unipi.it/mailman/listinfo/ntop-dev>
> >
>
> _______________________________________________
> Ntop-dev mailing list
> <>Ntop-dev@listgateway.unipi.it <mailto:Ntop-dev@listgateway.unipi.it>
> http://listgateway.unipi.it/mailman/listinfo/ntop-dev \
> <http://listgateway.unipi.it/mailman/listinfo/ntop-dev>
[Attachment #5 (unknown)]
<html><head><meta http-equiv="Content-Type" content="text/html \
charset=us-ascii"></head><body style="word-wrap: break-word; -webkit-nbsp-mode: \
space; -webkit-line-break: after-white-space;" class="">Yes, HTTPS is encrypted<div \
class=""><br class=""></div><div class="">Luca</div><div class=""><br \
class=""><div><blockquote type="cite" class=""><div class="">On 27 Jan 2016, at \
22:01, Manoj Mallawaarachchi <<a href="mailto:manoj_ws@yahoo.com" \
class="">manoj_ws@yahoo.com</a>> wrote:</div><br \
class="Apple-interchange-newline"><div class=""><span style="font-family: Helvetica; \
font-size: 12px; font-style: normal; font-variant: normal; font-weight: normal; \
letter-spacing: normal; orphans: auto; text-align: start; text-indent: 0px; \
text-transform: none; white-space: normal; widows: auto; word-spacing: 0px; \
-webkit-text-stroke-width: 0px; float: none; display: inline !important;" \
class="">Http only as I understand ?</span><br style="font-family: Helvetica; \
font-size: 12px; font-style: normal; font-variant: normal; font-weight: normal; \
letter-spacing: normal; orphans: auto; text-align: start; text-indent: 0px; \
text-transform: none; white-space: normal; widows: auto; word-spacing: 0px; \
-webkit-text-stroke-width: 0px;" class=""><br style="font-family: Helvetica; \
font-size: 12px; font-style: normal; font-variant: normal; font-weight: normal; \
letter-spacing: normal; orphans: auto; text-align: start; text-indent: 0px; \
text-transform: none; white-space: normal; widows: auto; word-spacing: 0px; \
-webkit-text-stroke-width: 0px;" class=""><br style="font-family: Helvetica; \
font-size: 12px; font-style: normal; font-variant: normal; font-weight: normal; \
letter-spacing: normal; orphans: auto; text-align: start; text-indent: 0px; \
text-transform: none; white-space: normal; widows: auto; word-spacing: 0px; \
-webkit-text-stroke-width: 0px;" class=""><a href="https://yho.com/footer0" \
style="font-family: Helvetica; font-size: 12px; font-style: normal; font-variant: \
normal; font-weight: normal; letter-spacing: normal; orphans: auto; text-align: \
start; text-indent: 0px; text-transform: none; white-space: normal; widows: auto; \
word-spacing: 0px; -webkit-text-stroke-width: 0px;" class="">Sent from Yahoo Mail for \
iPad</a><br style="font-family: Helvetica; font-size: 12px; font-style: normal; \
font-variant: normal; font-weight: normal; letter-spacing: normal; orphans: auto; \
text-align: start; text-indent: 0px; text-transform: none; white-space: normal; \
widows: auto; word-spacing: 0px; -webkit-text-stroke-width: 0px;" class=""><br \
style="font-family: Helvetica; font-size: 12px; font-style: normal; font-variant: \
normal; font-weight: normal; letter-spacing: normal; orphans: auto; text-align: \
start; text-indent: 0px; text-transform: none; white-space: normal; widows: auto; \
word-spacing: 0px; -webkit-text-stroke-width: 0px;" class=""><p style="font-family: \
Helvetica; font-style: normal; font-variant: normal; font-weight: normal; \
letter-spacing: normal; orphans: auto; text-align: start; text-indent: 0px; \
text-transform: none; white-space: normal; widows: auto; word-spacing: 0px; \
-webkit-text-stroke-width: 0px; font-size: 15px; color: rgb(113, 95, 250); \
padding-top: 0px; margin-top: 0px;" class="">On Wednesday, January 27, 2016, 11:52 \
am, Luca Deri <<a href="mailto:deri@ntop.org" class="">deri@ntop.org</a>> \
wrote:</p><blockquote class="iosymail" style="font-family: Helvetica; font-size: \
12px; font-style: normal; font-variant: normal; font-weight: normal; letter-spacing: \
normal; orphans: auto; text-align: start; text-indent: 0px; text-transform: none; \
white-space: normal; widows: auto; word-spacing: 0px; -webkit-text-stroke-width: 0px; \
margin-left: 0px !important; border-left-width: 1px !important; border-left-color: \
rgb(113, 95, 250) !important; border-left-style: solid !important; padding-left: 1ex \
!important; background-color: white !important;"><div \
id="msgSandbox_AMe2BimIAABEyVqh3MAJ8uIMLoEE_TEXT" class="msgSandbox" style="padding: \
1.5em 0.5em 0.5em 1.2em; word-wrap: break-word;">On 01/27/2016 02:49 AM, Manoj \
Mallawaarachchi wrote:<br clear="none" class="">> Dear Luca,<br clear="none" \
class="">><br clear="none" class="">> I'm trying it with nDPI & nDPI \
reader.<br clear="none" class=""><br clear="none" class="">Manoj,<br clear="none" \
class="">nDPIreader can capture the host but not the URL. ntopng/nProbe can<br \
clear="none" class="">capture the URL<br clear="none" class=""><br clear="none" \
class="">Luca<br clear="none" class="">> \
--------------------------------------------<br clear="none" class="">> On Tue, \
1/26/16, Luca Deri <<a shape="rect" ymailto="mailto:deri@ntop.org" class=""></a><a \
href="mailto:deri@ntop.org" class="">deri@ntop.org</a>> wrote:<br clear="none" \
class="">><br clear="none" class="">> Subject: Re: [Ntop-dev] \
[ntop/ntopng] : SSL url and User-agent<br clear="none" class="">> To:<span \
class="Apple-converted-space"> </span><a shape="rect" \
ymailto="mailto:ntop-dev@unipi.it" class=""></a><a href="mailto:ntop-dev@unipi.it" \
class="">ntop-dev@unipi.it</a>, "Manoj Mallawaarachchi" <<a shape="rect" \
ymailto="mailto:manoj_ws@yahoo.com" class=""></a><a href="mailto:manoj_ws@yahoo.com" \
class="">manoj_ws@yahoo.com</a>><br clear="none" class="">> Date: \
Tuesday, January 26, 2016, 1:11 PM<br clear="none" class="">> <span \
class="Apple-converted-space"> </span><br clear="none" class="">> \
Manoj,<br clear="none" class="">> we<br clear="none" class="">> can \
capture URLs for HTTP but not for HTTPs. Would you like<br clear="none" \
class="">> to do it in ntopng or nProbe?<br clear="none" \
class="">> <span class="Apple-converted-space"> </span><br clear="none" \
class="">> Regards Luca<br clear="none" class="">> <span \
class="Apple-converted-space"> </span><br clear="none" class="">> > \
On 26 Jan 2016, at 07:09, Manoj<br clear="none" class="">> Mallawaarachchi \
<<a shape="rect" ymailto="mailto:manoj_ws@yahoo.com" class=""></a><a \
href="mailto:manoj_ws@yahoo.com" class="">manoj_ws@yahoo.com</a>><br clear="none" \
class="">> wrote:<br clear="none" class="">> ><span \
class="Apple-converted-space"> </span><br clear="none" class="">> > \
Dear<br clear="none" class="">> Luca,<br clear="none" class="">> \
><span class="Apple-converted-space"> </span><br clear="none" \
class="">> > Thank you<br clear="none" class="">> for the quick \
reply. How about full URL capture. Just full<br clear="none" class="">> url \
only.<br clear="none" class="">> ><span \
class="Apple-converted-space"> </span><br clear="none" class="">> > \
Thank<br clear="none" class="">> you,<br clear="none" class="">> \
> Manoj<br clear="none" class="">> ><br clear="none" \
class="">> --------------------------------------------<br clear="none" \
class="">> > On Mon, 1/25/16, Luca Deri <<a shape="rect" \
ymailto="mailto:deri@ntop.org" class=""></a><a href="mailto:deri@ntop.org" \
class="">deri@ntop.org</a>><br clear="none" class="">> wrote:<br \
clear="none" class="">> ><span \
class="Apple-converted-space"> </span><br clear="none" class="">> > \
Subject:<br clear="none" class="">> Re: [Ntop-dev] [ntop/ntopng] : SSL url \
and User-agent<br clear="none" class="">> > To:<span \
class="Apple-converted-space"> </span><a shape="rect" \
ymailto="mailto:ntop-dev@unipi.it" class=""></a><a href="mailto:ntop-dev@unipi.it" \
class="">ntop-dev@unipi.it</a>,<br clear="none" class="">> "Manoj \
Mallawaarachchi" <<a shape="rect" ymailto="mailto:manoj_ws@yahoo.com" \
class=""></a><a href="mailto:manoj_ws@yahoo.com" \
class="">manoj_ws@yahoo.com</a>><br clear="none" class="">> > Date: \
Monday, January 25, 2016, 1:24 PM<br clear="none" class="">> ><span \
class="Apple-converted-space"> </span><br clear="none" class="">> > \
Manoj<br clear="none" class="">> > HTTPS is encrypted and thus you cannot \
get<br clear="none" class="">> this<br clear="none" class="">> > \
info<br clear="none" class="">> ><span \
class="Apple-converted-space"> </span><br clear="none" class="">> > \
Luca<br clear="none" class="">> ><span \
class="Apple-converted-space"> </span><br clear="none" class="">> > \
On 01/24/2016 05:38 PM, Manoj<br clear="none" class="">> Mallawaarachchi<br \
clear="none" class="">> > wrote:<br clear="none" class="">> \
>> Dear All,<br clear="none" class="">> >><span \
class="Apple-converted-space"> </span><br clear="none" class="">> \
>> Please advice<br clear="none" class="">> ><br clear="none" \
class="">> regarding below concern:<br clear="none" class="">> \
>><span class="Apple-converted-space"> </span><br clear="none" \
class="">> >> I'm trying to capture full URL for<br clear="none" \
class="">> SSL<br clear="none" class="">> > URL to log file and \
corresponding<br clear="none" class="">> User-agent. I'm able<br \
clear="none" class="">> > get the<br clear="none" class="">> \
details from HTTP urls from http.c under protocols.<br clear="none" \
class="">> > But not able to find the way to get HTTPS<br clear="none" \
class="">> urls details.<br clear="none" class="">> >><span \
class="Apple-converted-space"> </span><br clear="none" class="">> \
>> Please advice which<br clear="none" class="">> > files to look \
for this requirement.<br clear="none" class="">> >><span \
class="Apple-converted-space"> </span><br clear="none" class="">> \
>> Thank in<br clear="none" class="">> advance.<br clear="none" \
class="">> >><span class="Apple-converted-space"> </span><br \
clear="none" class="">> >><br clear="none" class="">> BR,<br \
clear="none" class="">> >> Manoj M<br clear="none" class="">> \
>><span class="Apple-converted-space"> </span><br clear="none" \
class="">> ><br clear="none" class="">> \
_______________________________________________<br clear="none" class="">> \
>> Ntop-dev mailing list<br clear="none" class="">> >><span \
class="Apple-converted-space"> </span><br clear="none" class="">> \
><span class="Apple-converted-space"> </span><a shape="rect" \
ymailto="mailto:Ntop-dev@listgateway.unipi.it" class=""></a><a \
href="mailto:Ntop-dev@listgateway.unipi.it" \
class="">Ntop-dev@listgateway.unipi.it</a><br clear="none" class="">> \
>><span class="Apple-converted-space"> </span><a shape="rect" \
href="http://listgateway.unipi.it/mailman/listinfo/ntop-dev" target="_blank" \
class="">http://listgateway.unipi.it/mailman/listinfo/ntop-dev</a><div \
class="yQTDBase yqt7308906999" id="yqtfd51131"><br clear="none" class="">> \
><br clear="none" class="">> <span \
class="Apple-converted-space"> </span><br clear="none" class="">> \
><span class="Apple-converted-space"> </span><br clear="none" \
class="">> ><br clear="none" class="">> \
_______________________________________________<br clear="none" class="">> \
> Ntop-dev mailing list<br clear="none" class="">> ><br clear="none" \
class="">> <span class="Apple-converted-space"> </span><a shape="rect" \
ymailto="mailto:Ntop-dev@listgateway.unipi.it" class=""></a><a \
href="mailto:Ntop-dev@listgateway.unipi.it" \
class="">Ntop-dev@listgateway.unipi.it</a><br clear="none" class="">> \
><span class="Apple-converted-space"> </span><a shape="rect" \
href="http://listgateway.unipi.it/mailman/listinfo/ntop-dev" target="_blank" \
class="">http://listgateway.unipi.it/mailman/listinfo/ntop-dev</a><br clear="none" \
class="">> <span class="Apple-converted-space"> </span><br clear="none" \
class=""><br clear="none" class="">_______________________________________________<br \
clear="none" class="">Ntop-dev mailing list<br clear="none" class=""><a shape="rect" \
ymailto="mailto:Ntop-dev@listgateway.unipi.it" class=""></a><a \
href="mailto:Ntop-dev@listgateway.unipi.it" \
class="">Ntop-dev@listgateway.unipi.it</a><br clear="none" class=""><a shape="rect" \
href="http://listgateway.unipi.it/mailman/listinfo/ntop-dev" target="_blank" \
class="">http://listgateway.unipi.it/mailman/listinfo/ntop-dev</a></div></div></blockquote></div></blockquote></div><br \
class=""></div></body></html>
_______________________________________________
Ntop-dev mailing list
Ntop-dev@listgateway.unipi.it
http://listgateway.unipi.it/mailman/listinfo/ntop-dev
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic