This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
ABOUT CHECKMATES CYBER SECURITY COMMUNITY & FAQ
Help

Who rated this post

cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
_Val_
Admin
Admin
‎2024-05-16 04:48 AM
In response to ZaferGr

I am still trying to understand the original statement. You said, according to wireshark, 8kb of traffic passed. Where did you run the whireshark? Client side, server side, FW itself? There is not enough info to answer your question properly.

All I can say at this point, the traffic passed seems to be related to HTTPSi validation of the application to block. 

Other than TLS handshake (not TCP handshake which is part of communication, but should not be as big as 8K), no actual data should pass. TLS handshake only includes certificate validation and authentication.

View solution in original post

(1)
Who rated this post