Tilted Forum Project Discussion Community  

Go Back   Tilted Forum Project Discussion Community > Interests > Tilted Technology

LinkBack Thread Tools
Old 04-26-2006, 11:50 AM   #1 (permalink)
Banned from being Banned
Location: Donkey
SSL Question

I think I already know the answer to this, but just double checking...

Say I went to https://blah.com/page.html...

You'd be able to see that I'm connected to blah.com, obviously the content itself is encrypted, but would you be able to tell that I'm viewing page.html?

(I'm assuming no, but ya never know..)
I love lamp.
Stompy is offline  
Old 04-26-2006, 12:40 PM   #2 (permalink)
Devils Cabana Boy
Dilbert1234567's Avatar
Location: Central Coast CA
in IE there is a small lock that apears locked in the lower right corner of the window. in firefox its the same location but it list the webpage that the key was issued to.

check https://www.wellsfargo.com/

... actually your question was actually much more complicated then I thought. Sorry my response is kind of worthless to you.
Donate Blood!

"Love is not finding the perfect person, but learning to see an imperfect person perfectly." -Sam Keen

Last edited by Dilbert1234567; 04-26-2006 at 01:42 PM..
Dilbert1234567 is offline  
Old 04-26-2006, 12:50 PM   #3 (permalink)
Darth Papa
ratbastid's Avatar
Location: Yonder
I BELIEVE that the GET or POST request occurs inside the envelope of the encrypted communication. There's an initial HELO against the server that initiates encryption negotiations, and then continuing encrypted data against that address, but the details of your requests should be encrypted.

See http://www.xramp.com/resources/how-ssl-works.
ratbastid is offline  
Old 04-26-2006, 01:53 PM   #4 (permalink)
trache's Avatar
You can always use a packet sniffer such as Network Chemistry's Packetyzer, to see exactly what happens when you try to connect to an HTTPS site. That will tell you for sure - look in the data portion of the packet - if you can't read your HTTPS packets, then it is encrypted.
"You looked at me as if I was eating runny eggs in slow motion." - Gord Downie of The Tragically Hip
trache is offline  
Old 04-29-2006, 09:09 PM   #5 (permalink)
yotta's Avatar
No, the page within the site is encrypted as well. HTTPS opens up an SSL connection first, then uses HTTP protocol inside SSL, so someone running a sniffer can only see that you're connected via SSL to the HTTPS port on blah.com. I am a network engineer Technicaly, you could be running anything over the HTTPS port, and the only indication that it's not HTTP is the times and amounts of data transfered.
I am Jack's signature.
yotta is offline  

question, ssl

Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are On

All times are GMT -8. The time now is 09:58 PM.

Tilted Forum Project

Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2020, vBulletin Solutions, Inc.
Search Engine Optimization by vBSEO 3.6.0 PL2
© 2002-2012 Tilted Forum Project

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73