Security Basics mailing list archives
analyzing client / server traffic
From: J J <j_joensuu () yahoo com>
Date: 3 Apr 2003 15:31:40 -0000
Dear all, I have been sniffing at the communication between the client and the server part of a CRM-software that I support at work. Being that I at times get questions about the network security pertaining to this product, I wanted to see if it is possible to pinpoint where specific data such as login names, passwords (or software specific commands that an administrator can send from the client) are located within the packets sent by the client. The product uses a proprietory protocol, and looking at the data with tools such as Ethereal and the Ufasoft Sniffer surely did not reveal anything in clear text. I did also try converting my username to hex and looking for that as well, but did not find anything. So now I am at the situation where I do not know what to do next in order to further analyze the packets that I have captured (they are exported to a text and an .xml file). What sort of operations could one do with this sort of data? or would it help to get a packet analyzer? thanks for any advice, JJ ------------------------------------------------------------------- SurfControl E-mail Filter puts the brakes on spam, viruses and malicious code. Safeguard your business critical communications. Download a free 30-day trial: http://www.securityfocus.com/SurfControl-security-basics
Current thread:
- analyzing client / server traffic J J (Apr 04)
- Re: analyzing client / server traffic James Washer (Apr 04)
- Re: analyzing client / server traffic Jonathan Strine (Apr 07)