Improve company productivity with a Business Account.Sign Up

x
?
Solved

HTTP POST packets in broadcast

Posted on 2016-11-01
5
Medium Priority
?
143 Views
Last Modified: 2016-11-02
Experts,

Do HTTP POST packets appear in a broadcast?

Suppose client-1 10.10.10.50/24 tries to authenticate to server 10.10.20.50/24 via HTTP.  
client-2 on 10.10.20.51/24 is sniffing the wire. Will the hTTP POST be broadcasted to client-2?
0
Comment
Question by:trojan81
  • 2
  • 2
5 Comments
 
LVL 9

Assisted Solution

by:James Bilous
James Bilous earned 1000 total points
ID: 41868585
Yes, someone sniffing the wire could see the post packets being sent, which is why encryption is always recommended for authentication.
0
 
LVL 33

Accepted Solution

by:
Dr. Klahn earned 1000 total points
ID: 41868593
HTTP packets are unicast to a specific address, not broadcast.

The interface on client 2 that is (presumably) in promiscuous mode sniffing the network will see the packet because it is in promiscuous mode.
0
 

Author Comment

by:trojan81
ID: 41868608
DR Khan, since the http packet is unicast to the server and not broadcast, explain how client-2 will always see the packet even in promiscuous mode
0
 
LVL 33

Expert Comment

by:Dr. Klahn
ID: 41868617
A network interface that is in promiscuous mode sees all traffic on its network.  This is how traffic sniffers work -- promiscuous mode works on any interface on any system.  There is no special hardware involved.
0
 
LVL 9

Expert Comment

by:James Bilous
ID: 41868624
I believe that this is more true for wireless than it is for ethernet. With the right MAC Address tables set up on intermediary routers between the source and destination machines, a node with a NIC in promiscuous mode does not necessarily see the traffic passed between the two. On wireless, all unicast packets can be seen by the NICS in transmission range.
0

Featured Post

Free Tool: Path Explorer

An intuitive utility to help find the CSS path to UI elements on a webpage. These paths are used frequently in a variety of front-end development and QA automation tasks.

One of a set of tools we're offering as a way of saying thank you for being a part of the community.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Introduction This warning has to be one of the most commonly issued warnings in the history of PHP.  The article explains why this warning arises and what to do to mitigate the problem. How this Happens HTTP headers include many different kinds…
A few customers have recently asked my thoughts on Password Managers.  As Security is a big part of our industry I was initially very hesitant and sceptical about giving a program all of my secret passwords.  But as I was getting asked about them mo…
In this video I will demonstrate how to set up Nine, which I now consider the best alternative email app to Touchdown.
If you are looking for an automated solution for backup single or multiple Office 365 user mailboxes to Outlook data file, then you can use Kernel Office 365 Backup & Restore tool. Go through the video to check out the steps to backup single or mult…

584 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question