Ask Your Question
0

General question about HTTP and HTTPS in Laura's WS101 course

asked 2024-05-28 16:20:41 +0000

fadl gravatar image

I noticed while studying Laura's WS101 course, and starting with the NF course, that all (or most) of the packets she is working with are in HTTP not HTTPS. I don't get it, the courses were created in 2016, and HTTPS was the norm by then. Even when she is accessing well-known websites such as ESPN, it is apparent that the traffic is being dissected by HTTP dissectors. Did she provide Wireshark a decryption key? what is going on? I know this question may seem very easy to most of you, but it's got my mind busy, and I can't find an answer to it online.

edit retag flag offensive close merge delete
add a comment

1 Answer

Sort by ยป oldest newest most voted
0

answered 2024-05-28 16:48:50 +0000

Chuckc gravatar image

You didn't specify which file you were looking at.
Here is one from 2012 when HTTP was still a thing.

https://web.archive.org/web/201201050...

File

Name:
C:\xxx\http-espn2012.pcapng
Length: 4693 kB
Hash (SHA256): 892fee2e24c9adc015d0204885cde8741f66b7764edd20974f3632e8d74b19b9
Hash (SHA1): ef7aed0a1ef1e71359bc3ded4333f9ca8b2dacd6
Format: Wireshark/... - pcapng
Encapsulation: Ethernet

Time

First packet: 2012-01-07 15:54:07
Last packet: 2012-01-07 15:55:21
Elapsed: 00:01:14

Section Comment
[Copyright Chappell University]

Well? Have they improved the site yet? Check out the number of TCP connections and DNS traffic required to load the site. Refer to Chapter 23: Analyze Hypertext Transfer Protocol (HTTP) Traffic of "Wireshark Network Analysis" by Laura Chappell.
edit flag offensive delete link more

Comments

I did not specify, because it seemed like ALL of the files she used had HTTP instead of HTTPS. But I am talking about when she is capturing traffic. When she for example went to Wireshark.com and she was using a capture filter that looked for a specific GET request where she was looking for a specific image, and the website would return an image in response. I don't think the name of the image is of relevance, that is why I didn't check it again, but I am 100% sure that she was doing a live capture in a course recorded in August of 2016 and she was sending and receiving raw, un-encrypted packets.

fadl gravatar imagefadl ( 2024-05-28 17:14:46 +0000 )edit

2016 http:// www wireshark com/:
https://web.archive.org/web/201608240...

Chuckc gravatar imageChuckc ( 2024-05-28 17:21:13 +0000 )edit
add a comment

Your Answer

Please start posting anonymously - your entry will be published after you log in or create a new account.

Add Answer

Question Tools

1 follower

subscribe to rss feed

Stats

Asked: 2024-05-28 16:20:41 +0000

Seen: 830 times

Last updated: May 28

Related questions

why wireshark is not showing http or https packets in the view?

Is it possible to infer advanced cookie properties like expiration from Wireshark

Intercept HTTP requests / responses and add custom header

Why there is port mismatch in tcp and http header for port 51006. Also why the netstat in server do not shows connections under port 51006 even traffic is coming to this port.

http request and response clarification!

How to plot HTTP requests/sec graph?

why protocol is not showing as HTTP even though we sent http request ?

How can I get https to show in Wireshark?

Cause Of Server Hello Delay

Development of OSCORE dissector