


Using Wireshark to intercept, analyze and display network data in Tezos

For a developer who is working directly with a Tezos node, it is very useful to be able to view the traffic of data that moves through the network. Among developers, Wireshark is one of the most popular tools for the analysis of network traffic. Wireshark is a utility that intercepts packets (messages) that arrive via the network, using dissectors to deconstruct what is within them and displaying them in its user interface (UI).

- Intercepting packets moving across the network
- Using dissectors to analyze the intercepted packets

By default, Wireshark is capable of analyzing a large variety of network traffic. However, in order to analyze additional types of traffic, Wireshark uses custom-made dissector plugins.

Tezos dissector

As we wanted to expand Wireshark’s functionalities for the Tezos protocol, we had to develop a new dissector.

A dissector is a module used to analyze a particular protocol. Each dissector decodes its part of the protocol and then hands off decoding to subsequent dissectors for an encapsulated protocol. Most dissectors are built into Wireshark (such as TCP and IP).

Additional dissectors can be added externally, as was the case with the Tezos dissector plugin. We have created the wireshark-epan-adapter, a small abstraction layer that wraps the unsafe C-like API for plugins in a safe Rust API. This library connects Wireshark with the tezos-dissector and enables us to write a dissector in Rust. The tezos-dissector is compiled as a dynamic library. Wireshark loads this library when it is launched.

Architecture overview

As the Tezos network is cryptographically secured, we had to design a mechanism with which the Tezos dissector could analyze the encrypted communication. Since we’re attempting to read messages sent across an encrypted network, we must find a way to decrypt this communication. This is done by intercepting the initial ‘handshake’ message that nodes send each other when initiating communication. The handshake message contains a nonce, which is a random incrementing number, and a pair of keys (private and public).
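To illustrate what wrapping an unsafe C-like plugin API in a safe Rust API involves, here is an added example that is not code from wireshark-epan-adapter or Wireshark. The `Dissector` trait, the `RawCallback` signature, the `trampoline` function and the length-prefixed `ChunkCounter` framing are all hypothetical names and formats constructed for this sketch.

```rust
use std::{os::raw::c_void, panic::{catch_unwind, AssertUnwindSafe}};

/// Safe interface a plugin author implements (hypothetical name); returns bytes consumed.
pub trait Dissector {
    fn dissect(&mut self, payload: &[u8]) -> usize;
}
/// C-style entry point a host would store and call (hypothetical signature).
pub type RawCallback = unsafe extern "C" fn(*mut c_void, *const u8, usize) -> i32;

/// The single place where raw pointers are handled. Returns -1 on any error.
pub unsafe extern "C" fn trampoline<D: Dissector>(ctx: *mut c_void, data: *const u8, len: usize) -> i32 {
    if ctx.is_null() || (data.is_null() && len != 0) {
        return -1; // reject pointers that cannot become valid references
    }
    // SAFETY: the caller guarantees `ctx` points to a live `D` and `data` to `len` readable bytes.
    let dissector = unsafe { &mut *(ctx as *mut D) };
    let payload: &[u8] = if len == 0 { &[] } else { unsafe { std::slice::from_raw_parts(data, len) } };
    // A panic must not unwind into the C host, so it becomes an error code.
    match catch_unwind(AssertUnwindSafe(|| dissector.dissect(payload))) {
        Ok(n) if n <= len && n <= i32::MAX as usize => n as i32,
        _ => -1,
    }
}

/// Constructed example dissector: counts chunks framed as u16 big-endian length + body.
#[derive(Default)]
pub struct ChunkCounter { pub chunks: usize }
impl Dissector for ChunkCounter {
    fn dissect(&mut self, payload: &[u8]) -> usize {
        let mut pos = 0;
        while let Some(hdr) = payload.get(pos..pos + 2) {
            let body = u16::from_be_bytes([hdr[0], hdr[1]]) as usize;
            if payload.len() - (pos + 2) < body { break; } // truncated chunk: stop here
            pos += 2 + body;
            self.chunks += 1;
        }
        pos
    }
}

/// Stands in for the host: it only sees the raw callback and an opaque pointer.
pub fn call_as_host<D: Dissector>(d: &mut D, bytes: &[u8]) -> i32 {
    let cb: RawCallback = trampoline::<D>;
    unsafe { cb(d as *mut D as *mut c_void, bytes.as_ptr(), bytes.len()) }
}
fn main() {
    let mut d = ChunkCounter::default();
    let n = call_as_host(&mut d, &[0, 2, 0xAA, 0xBB, 0, 1, 0xCC, 0, 5, 1]); // constructed bytes
    println!("consumed={n} chunks={}", d.chunks);
}
```

Dissector code written against the trait only ever sees a bounds-checked `&[u8]`, so a truncated chunk ends parsing instead of reading past the packet buffer.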
