• 25,450
  • +1,014
  • 2,796
The Difference Between HTTP and HTTPS [HTTP]

The Difference Between HTTP and HTTPS [HTTP]

Bookmark

HTTP : Hyper Text Transfer Protocol

HTTP is foundation data communication for World Wide Web(WWW). Whenever we open website / webpage we will use this protocol.

Client side asks server side to open communication on port 80, server side open port 80 and in client side open random ports. Below is the picture when I’m opening http://www.kaskus.us and see open ports using netstat -an.

netstat -an to view open ports

As we can see from the picture, client computer opened random local ports and open port 80 on server side.

 

Are HTTP(Hyper Text Transfer Protocol) secure??

To answer this question, let’s see experiment below.

In this experiment, there’s 2 person in one wireless network BadGuy and NiceGuy. NiceGuy trying to open http://friendster.com  then login into it. In different place, BadGuy is in the same wireless network with NiceGuy as shown in the picture below :

HTTP and HTTPS difference

BadGuy using Wireshark to capture all packet data transmitted to/from access point. In this case BadGuy only collecting and see the packet data sent by the others. Below is the picture when NiceGuy input username(email) and password in friendster.com

friendster login page

and then the data captured by BadGuy using Wireshark.

Wireshark Capture HTTP data

 

HTTP Conclusion

Packet data sent using HTTP is not encrypted, anyone can see the data in plain text like the BadGuy do. That’s why HTTP not use for banking or transaction on internet, and also it’s not recommended if you open website login page that use HTTP at public network such as hotspot wireless area.

See : How About HTTPS (Hyper Text Transfer Protocol Secure)

Share this article if you found this post was useful:

Blogger at hacking-tutorial.com. Love PHP, offensive security and web. Contact him at me[-at-]vishnuvalentino.com

See all posts by || Visit Website : http://www.vishnuvalentino.com