In the previous article I talked about introductory facts of SSL/TLS. In this post I will be looking at how a TLS session is established and introduction to internals of TLS protocol.Further in this post it is assumed that TCP is the underlying transport protocol on top of which TLS is working.

In few upcoming posts I will be talking about the how the SSL/TLS works. In this article I will cover very basic stuff about SSL. Though Wikipedia might be a better resource for this kind of information, but this is very condensed information and also serves as my personal notes :).

Recently another major bug was found in OpenSSL library, CVE-2014-0224. Masashi Kikuchi discovered the vulnerability and has ellaborated here on how he discovered the vulnerability. This bug doesn’t have repercussions as Heartbleed bug, but still severe enough to patch the systems running vulnerable OpenSSL versions. There are many blog entries discussing this bug in detail, but over here I would like to put some light on how to detect this bug in the OpenSSL implementation on your own .

While working on my thesis I came across a weird problem, wireshark was showing packet size more than the MTU. One of the possible reason can be underlying network supports jumbo frames. But it wasn’t so in my case.