Arkime vs Wireshark dtls differences #110
Assignees
Comments
|
Looks like JA4S might have similar issues, but I haven't finished the arkime implementation yet. |
noeltimothy
added a commit
to noeltimothy/ja4
that referenced
this issue
May 21, 2024
|
Thanks for pointing this out Andy, we have a fix for this. |
igr001-galactica
pushed a commit
that referenced
this issue
May 21, 2024
|
JA4 client looks good, JA4S still has the empty issue for dtls 0 file 
|
|
Thanks Andy, we have a fix for this. This is now merged into main |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
https://github.com/arkime/arkime/raw/main/tests/pcap/wireshark-dtls0.pcap
version issue and empty should be all 0 right?
arkime: ds1i270000_fd1a708466c1_000000000000
ds1i270000_0003,0004,0005,0006,0007,0008,0009,000a,0011,0012,0013,0014,0015,0016,002f,0032,0033,0035,0038,0039,0060,0061,0062,0063,0064,0065,0066_
plugin: d00i270000_fd1a708466c1_e3b0c44298fc
d00i270000_0003,0004,0005,0006,0007,0008,0009,000a,0011,0012,0013,0014,0015,0016,002f,0032,0033,0035,0038,0039,0060,0061,0062,0063,0064,0065,0066_
https://github.com/arkime/arkime/raw/main/tests/pcap/wireshark-dtls12.pcap
version issue?
arkime: dd2i030300_f7e428980f70_6c817ce3d217
plugin: d00i030300_f7e428980f70_6c817ce3d217
The text was updated successfully, but these errors were encountered: