Ssl

From l7protocols
Jump to navigation Jump to search

SSL is Secure Socket Layer, which was developed by Netscape. TLS is Transport Layer Security, an IETF standard based on SSL and defined in RFC 2246. They are used, among other things, for secure web pages (HTTPS), and secure mail (e.g. IMAPS).

Identification

Ports

SSL and TLS servers usually run on TCP port 443.

l7-filter

l7-filter uses the ssl pattern for both SSL and TLS. It is well tested.

In addition, l7-filter uses the validcertssl pattern for TLS/SSL connections that start with a certificate from a well known certificate authority. Note that viewing a website that has a valid certificate will open one connection that matches this and many SSL connections that only match the SSL pattern. Thus, this pattern may not be very useful.

See also