Verify that a network connection is secure

You can verify that network data is encrypted by transferring a file containing a known string and sniffing the network to see if it can be found.


Formerly Ethereal, Wireshark can sniff all traffic that's transferred via a particular network interface. Start the GUI program (you'll possibly have to start it as root), select an interface to capture (Capture -> Interface), then transfer some data over whatever network connection that you want to test. When the data has been transferred, stop the capture and search for something that would have been contained in the data (Edit -> Find Packet, select string and enter the search term). If it is found then the data was not encrypted.


For example, create a file called encryption_test.txt on your web server that contains the following:


Start the network interface capture of eth1 then transfer the file to your local computer.

wget http://theserver/encryption_test.txt

Stop the interface capture and search the captured packets for encryptionteststring. It should be found.

Do the same, but this time transfer over a secure connection.

wget https://theserver/encryption_test.txt

A search for encryptionteststring should not return any results.

Last modified: 14/02/2007 Tags: (none)

This website is a personal resource. Nothing here is guaranteed correct or complete, so use at your own risk and try not to delete the Internet. -Stephan

Site Info

Privacy policy

Go to top