APPENDIX B

Installing TCPDump and OpenSSL

The code developed in this book has been tested to work on both Windows and Linux systems. If you want to follow the examples, you also need both OpenSSL and TCPdump installed locally. If you're on a Linux system, OpenSSL may already be available. TCPDump you usually need to install yourself. This appendix goes through the installation process for both systems for both software packages.

Installing TCPDump

TCPDump is a handy, versatile utility that can capture and display every byte that's exchanged on any given socket in a system. Obviously, if you're working with network protocols, this can be incredibly useful, although it's less useful when you're working with SSL/TLS-secured traffic. After all, the whole point of SSL/TLS is to protect users from these sorts of packet sniffers; TCPDump can come in handy, however, when debugging certificate verification problems or handshake problems.

TCPDump has its roots in Unix/Linux systems and as such is a command-line tool. You might find a more modern incarnation called Ethereal (also sometimes called Wireshark) preferable, especially if you're running a Windows system. However, the examples in this book use TCPDump strictly because its textual output lends itself much better to print.

Installing TCPDump on a Windows System

WinDump — TCPDump for Windows — depends on a library named pcap, a packet capture library. You can download both WinDump and pcap at the same website: http://www.winpcap.org/windump/install/default.htm ...