[wellylug] basic https question

Geraint Jones g.jones at french-maid.co.nz
Mon Dec 20 15:16:04 NZDT 2004 

Depends what you mean by "capturing" if said hacker has root access to
your server then there is little point in them capturing anything, and
if they don't and are trying to capture the stuff by packet sniffing
then its possible but there are many far easier ways to do it.

in order to sniff your packets the hacker would need either to have root
access to one of the routers your traffic travels across or be
physically patched into your network link. Both of which are in the
realms of possibility but are not easy to acheve.

A lot of noise is made about packet sniffing/capturing but it is only a
problem on LAN's that or not switched, as a switch will connect point A
to point B directly, so point C cannot capture packets destined for
point B. However a hub broadcasts the packets and the appropriate target
is the only one that replies so anyone can capture the frames. In saying
that the amount of frames generated and broadcast on the average LAN is
rather a lot, so yes it can be done, but unless you have a huge amount
of time to find just one or two frames it is pointless.

I hope my rambling makes sense

Geraint Jones
Systems Administrator
French Maid Foods Limited
www.french-maid.net
 
Tel:  +64 (0)4 568 2687
Fax:  +64 (0)4 568 2345
Mob: +64 (0)21 739 240

-----Original Message-----
From: wellylug-admin at lists.wellylug.org.nz
[mailto:wellylug-admin at lists.wellylug.org.nz] On Behalf Of Mark Signal
Sent: Monday, 20 December 2004 3:09 p.m.
To: wellylug at lists.wellylug.org.nz
Subject: Re: [wellylug] basic https question

thanks for the answer

in the "real" world is capturing/scanning of http data looking for 
usernames and passwords actually a common hacker activity or is it just 
a "potential" problem ?

cheers

Mark



Geraint Jones wrote:

>Yes, https encrypts before it asks for user/pass AFAIK
>
>Geraint Jones
>Systems Administrator
>French Maid Foods Limited
>www.french-maid.net
> 
>Tel:  +64 (0)4 568 2687
>Fax:  +64 (0)4 568 2345
>Mob: +64 (0)21 739 240
>
>-----Original Message-----
>From: wellylug-admin at lists.wellylug.org.nz
>[mailto:wellylug-admin at lists.wellylug.org.nz] On Behalf Of Mark Signal
>Sent: Monday, 20 December 2004 2:46 p.m.
>To: Wellylug
>Subject: [wellylug] basic https question
>
>If I use wget to download a file from a password protected https 
>directory is the username and password  encrypted?
>
>cheers
>
>Mark
>
>
>  
>


-- 
Wellington Linux Users Group Mailing List:
wellylug at lists.wellylug.org.nz
To Leave:  http://lists.wellylug.org.nz/mailman/listinfo/wellylug
This email and any files transmitted with it are confidential and intended solely for the use of the individual or entity to whom they are addressed. If you have received this email in error please notify the system manager. This message contains confidential information and is intended only for the individual named. If you are not the named addressee you should not disseminate, distribute or copy this e-mail.

More information about the wellylug mailing list