Others have mentioned switches or hubs for gathering the packets.
Network Taps are another alternative, and many are available used (ebay)
for relatively small prices.
https://www.ebay.com/sch/i.html?_from=R40&_trksid=p2499334.m570.l1313&_nkw=network+tap&_sacat=58058
Kurt
On Wed, May 12, 2021 at
I'm trying to capture just the TLS negotiations to/from a web page, using
tshark, and have stared at the BPF filter page here (
https://biot.com/capstats/bpf.html) and several other pages, and can't make
it work.
This site has 4 different host A records fronting it in a CDN.
This is what my filte
ce.
> Furthermore “ssll.handshake” isn’t in the capture filter syntax, these are
> display filter expressions which cannot be passed in the capture engine.
>
>
> On 13 Mar 2023, at 22:34, Kurt Buff wrote:
>
> I'm trying to capture just the TLS negotiations to/from a web page,
