Secure Vs. Unsecure (WireShark)

importdistributors · 02-15-2010, 09:29 AM

Hello All,

I have to write a paper about internet security. Specifically, we are supposed to determine using a packet sniffer, what is secure and what is not. For example we are to run wireshark, and surf the internet then we are supposed to state what shows up in the wireshark logs and what doesnt.

When logging into an HTTPS, does the username and password get captured?

How about chatting via instant messanger? (gmail, aim, yahoo)?

How about an ftp?

thus is (FTP, HTTP, HTTPS) secure or unsecure?

If anyone knows of any links that I can read to learn more it would be deeply appreciated.

Thank you!

seepy83 · 02-15-2010, 10:17 AM

I'm not going to do your homework for you. There are encrypted protocols, and there are unencrypted protocols. It shouldn't take much googling for you to determine which protocols are used by which applications, and whether or not it is secure.

If you actually need to provide a packet capture and anaylze the packets to show where the sessions start/end and what is encrypted and unencrypted, then I would start be reading the documentation provided on Wireshark's website. If you need more than that, there are classes you can attend to learn how to use Wireshark and how to do Packet Analysis.

You also could try the SANS Reading Room (http://www.sans.org/reading_room/) for papers on Encryption, Protocols, etc...

importdistributors · 02-15-2010, 11:46 AM

Quote:

Originally Posted by seepy83

I'm not going to do your homework for you. There are encrypted protocols, and there are unencrypted protocols. It shouldn't take much googling for you to determine which protocols are used by which applications, and whether or not it is secure.

If you actually need to provide a packet capture and anaylze the packets to show where the sessions start/end and what is encrypted and unencrypted, then I would start be reading the documentation provided on Wireshark's website. If you need more than that, there are classes you can attend to learn how to use Wireshark and how to do Packet Analysis.

You also could try the SANS Reading Room (http://www.sans.org/reading_room/) for papers on Encryption, Protocols, etc...

Very nice website you recommended, Maybe a little advanced, but I like it. Thank you.