Solved

HTTP POST packets in broadcast

Posted on 2016-11-01
5
99 Views
Last Modified: 2016-11-02
Experts,

Do HTTP POST packets appear in a broadcast?

Suppose client-1 10.10.10.50/24 tries to authenticate to server 10.10.20.50/24 via HTTP.  
client-2 on 10.10.20.51/24 is sniffing the wire. Will the hTTP POST be broadcasted to client-2?
0
Comment
Question by:trojan81
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
  • 2
5 Comments
 
LVL 9

Assisted Solution

by:James Bilous
James Bilous earned 250 total points
ID: 41868585
Yes, someone sniffing the wire could see the post packets being sent, which is why encryption is always recommended for authentication.
0
 
LVL 27

Accepted Solution

by:
Dr. Klahn earned 250 total points
ID: 41868593
HTTP packets are unicast to a specific address, not broadcast.

The interface on client 2 that is (presumably) in promiscuous mode sniffing the network will see the packet because it is in promiscuous mode.
0
 

Author Comment

by:trojan81
ID: 41868608
DR Khan, since the http packet is unicast to the server and not broadcast, explain how client-2 will always see the packet even in promiscuous mode
0
 
LVL 27

Expert Comment

by:Dr. Klahn
ID: 41868617
A network interface that is in promiscuous mode sees all traffic on its network.  This is how traffic sniffers work -- promiscuous mode works on any interface on any system.  There is no special hardware involved.
0
 
LVL 9

Expert Comment

by:James Bilous
ID: 41868624
I believe that this is more true for wireless than it is for ethernet. With the right MAC Address tables set up on intermediary routers between the source and destination machines, a node with a NIC in promiscuous mode does not necessarily see the traffic passed between the two. On wireless, all unicast packets can be seen by the NICS in transmission range.
0

Featured Post

Free Tool: SSL Checker

Scans your site and returns information about your SSL implementation and certificate. Helpful for debugging and validating your SSL configuration.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Introduction A frequent question goes something like this, "How can I show an introductory page to my clients on the first site visit, but not show it again on every visit?"  The answer is by using a cookie.  This article shows the design pattern f…
Password hashing is better than message digests or encryption, and you should be using it instead of message digests or encryption.  Find out why and how in this article, which supplements the original article on PHP Client Registration, Login, Logo…
In a recent question (https://www.experts-exchange.com/questions/29004105/Run-AutoHotkey-script-directly-from-Notepad.html) here at Experts Exchange, a member asked how to run an AutoHotkey script (.AHK) directly from Notepad++ (aka NPP). This video…
Exchange organizations may use the Journaling Agent of the Transport Service to archive messages going through Exchange. However, if the Transport Service is integrated with some email content management application (such as an antispam), the admini…

734 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question