A recent posting on the RapidWeaver forum asked for a stack to encrypt information as it is transmitted to the server. The best way to encrypt information in transit over the network is SSL encryption, by serving the page over HTTPS. I have prepared a mini screencast comparing HTTP and HTTPS calls, with the network traffic captured at packet level so that the transmitted contents are visible. In the case of HTTP the information is transmitted in plain text; in the case of HTTPS it is encrypted and undecipherable.
Here is the screencast (you can make out below “name=this+is+a+test”), showing the contents that were transmitted over the network:
I have also included the output for the low level packet trace to show that the output really is unreadable.
This is the unencrypted method:

21:48:02.137395 IP 192.168.1.65.64545 > linux.http: Flags [S], seq 3423171503, win 65535, options [mss 1460,nop,wscale 3,nop,nop,TS val 65236850 ecr 0,sackOK,eol], length 0
E..@..@.@......A.....!.P. s........................ ..or........
21:48:02.137954 IP 192.168.1.65.64545 > linux.http: Flags [.], ack 2963052628, win 65535, options [nop,nop,TS val 65236850 ecr 343869153], length 0
E..4..@.@......A.....!.P. s....T........... ..or....
21:48:02.138022 IP 192.168.1.65.64545 > linux.http: Flags [P.], seq 0:560, ack 1, win 65535, options [nop,nop,TS val 65236850 ecr 343869153], length 560
E..d..@.@......A.....!.P. s....T........... ..or....POST /rw/form/process.php HTTP/1.1
Host: linux
User-Agent: Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10.6; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://linux/rw/form/
Cookie: PHPSESSID=vod37o1rogncu9dpje2mpjlurcr8nucd
Content-Type: application/x-www-form-urlencoded
Content-Length: 19

name=this+is+a+test
21:48:02.142814 IP 192.168.1.65.64545 > linux.http: Flags [.], ack 219, win 65535, options [nop,nop,TS val 65236850 ecr 343869155], length 0
E..4,.@.@......A.....!.P. u................ ..or....
^C
4 packets captured
12 packets received by filter
0 packets dropped by kernel
And this is the encrypted method:
listening on en0, link-type EN10MB (Ethernet), capture size 65535 bytes
21:48:37.078451 IP 192.168.1.65.64548 > linux.https: Flags [S], seq 550062483, win 65535, options [mss 1460,nop,wscale 3,nop,nop,TS val 65237199 ecr 0,sackOK,eol], length 0
E..@..@.@......A.....$.. .I........................ ..p.........
21:48:37.079122 IP 192.168.1.65.64548 > linux.https: Flags [.], ack 3513206321, win 65535, options [nop,nop,TS val 65237199 ecr 343877888], length 0
E..4m.@.@......A.....$.. .I..gF1........... ..p...).
21:48:37.079382 IP 192.168.1.65.64548 > linux.https: Flags [P.], seq 0:190, ack 1, win 65535, options [nop,nop,TS val 65237199 ecr 343877888], length 190
E.....@.@......A.....$.. .I..gF1........... ..p...)............Mo....sb]...@...N...IE....xq.... yD[......YF!+.........".T.3......H... .......8.......5.9... .....E.D.3.2...........A...../......... ...$... .....linux. .................#..
21:48:37.175933 IP 192.168.1.65.64548 > linux.https: Flags [.], ack 2310, win 65414, options [nop,nop,TS val 65237200 ecr 343877912], length 0
E..4|.@.@......A.....$.. .JR.gO6........... ..p...).
21:48:37.199070 IP 192.168.1.65.64548 > linux.https: Flags [P.], seq 190:388, ack 2310, win 65535, options [nop,nop,TS val 65237200 ecr 343877912], length 198
E.....@.@......A.....$.. .JR.gO6........... ..p...)...............`.B....r.Z......... ..........`"........TP.[kK....C2... .A......D.H....2L,.R.$;G..S....+!......."......j.F..E6Z...X.+.b....P...........0..=..q .f...X..Q51V...Mh..C0m....'...*..GDkv...~
21:48:37.206204 IP 192.168.1.65.64548 > linux.https: Flags [.], ack 2369, win 65535, options [nop,nop,TS val 65237200 ecr 343877920], length 0
E..4..@.@......A.....$.. .K..gOq........... ..p...)
21:48:37.207794 IP 192.168.1.65.64548 > linux.https: Flags [P.], seq 388:985, ack 2369, win 65535, options [nop,nop,TS val 65237200 ecr 343877920], length 597
E...?.@.@......A.....$.. .K..gOq...........
*..z....Y...|5L2.?>...J...3.......](...a.."......7P..l..j.M..!P20.l..F.Y..f.Cxt..)?6.....&v..b8.-.....M....\dV.$}....e...}.\..d........{5...-..P2Q.z...7C.. N........g.8Y..`}...6.......H.Fi.R.I./@ 0.%.=.W....x,t...*k:sa.Q...jA..xH...;....P|....=......TNT.D..r*.x6.zU?.q.......([;...n4.2..O..).........!.....Z.....l..Y...-.XPh.....x..0.....4v>.).J.-[...c$c.\.......)z.\.X...R
21:48:37.213308 IP 192.168.1.65.64548 > linux.https: Flags [.], ack 2614, win 65535, options [nop,nop,TS val 65237200 ecr 343877922], length 0
E..4!.@.@......A.....$.. .Mm.gPf........... ..p...)"
^C
8 packets captured
106 packets received by filter
0 packets dropped by kernel
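
The difference between the two traces can be checked programmatically. The Python sketch below is an added example, not part of the original post: it takes one captured TCP payload and reports what a passive observer can read from it, which for the HTTP request is the form field and the PHPSESSID session cookie, and for TLS is only the record header. The function name `inspect_payload` is hypothetical, the HTTP bytes are copied from the trace above with some headers omitted, and the TLS record is a constructed sample.

```python
from urllib.parse import parse_qs

# Request bytes copied from the HTTP trace above (some headers omitted).
HTTP_PAYLOAD = (
    b"POST /rw/form/process.php HTTP/1.1\r\n"
    b"Host: linux\r\n"
    b"Cookie: PHPSESSID=vod37o1rogncu9dpje2mpjlurcr8nucd\r\n"
    b"Content-Type: application/x-www-form-urlencoded\r\n"
    b"Content-Length: 19\r\n"
    b"\r\n"
    b"name=this+is+a+test"
)
# Constructed sample: a TLS application-data record header (type 23,
# version 3.1, length 32) followed by 32 opaque bytes standing in for ciphertext.
TLS_PAYLOAD = bytes([0x17, 0x03, 0x01, 0x00, 0x20]) + bytes(range(0x80, 0xA0))

HTTP_METHODS = (b"GET ", b"POST ", b"PUT ", b"HEAD ", b"DELETE ", b"PATCH ")
TLS_RECORD_TYPES = {20: "change_cipher_spec", 21: "alert",
                    22: "handshake", 23: "application_data"}


def inspect_payload(payload: bytes) -> dict:
    """Return what a passive observer can read from one TCP payload."""
    if payload.startswith(HTTP_METHODS):
        head, _, body = payload.partition(b"\r\n\r\n")
        lines = head.decode("latin-1").split("\r\n")
        headers = {}
        for line in lines[1:]:
            name, sep, value = line.partition(":")
            if sep:
                headers[name.strip().lower()] = value.strip()
        fields = {}
        if headers.get("content-type", "").startswith(
                "application/x-www-form-urlencoded"):
            parsed = parse_qs(body.decode("latin-1"))
            fields = {k: v[0] for k, v in parsed.items()}
        return {"protocol": "http", "request": lines[0],
                "cookie": headers.get("cookie"), "form_fields": fields}
    if len(payload) >= 5 and payload[0] in TLS_RECORD_TYPES and payload[1] == 3:
        return {"protocol": "tls",
                "record_type": TLS_RECORD_TYPES[payload[0]],
                "record_length": int.from_bytes(payload[3:5], "big"),
                "cookie": None, "form_fields": {}}
    return {"protocol": "unknown", "cookie": None, "form_fields": {}}


if __name__ == "__main__":
    for sample in (HTTP_PAYLOAD, TLS_PAYLOAD):
        print(inspect_payload(sample))
```
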