10.6.7 Lab Using Wireshark to Examine HTTP and HTTPS Traffic - PanamaP/KEST3CO05DU GitHub Wiki

Step 2: Open a terminal and start tcpdump. a. Open a terminal application and enter the command ip address. [analyst@secOps ~]$ ip address b. List the interfaces and their IP addresses displayed in the ip address output.

inet 10.0.2.15/24

d. In the lower window, the message is displayed. Expand the HTML Form URL Encoded: application/xwww-form-urlencoded section. Question: What two pieces of information are displayed?

notendanafn og lykilorð af vefsíðunni.

b. Open a web browser from the launch bar within the CyberOps Workstation VM. Navigate to www.netacad.com. Note: If you receive a “Secure Connection Failed” webpage it probably means the date and time are incorrect. Update the day and time with the following command, changing to the current day and time: [analyst@secOps ~]$ sudo date -s "12 MAY 2020 21:38:20 Question: What do you notice about the website URL?

vefsíðan notar https og það er lás

What has replaced the HTTP section that was in the previous capture file?

Transport layer security

f. Click the Encrypted Application Data. Question: Is the application data in a plaintext or readable format?

Nei

Reflection Questions

1. What are the advantages of using HTTPS instead of HTTP?

Betra öryggi, https notar encryption á skilaboðin sem það sendir en http ekki

2. Are all websites that use HTTPS considered trustworthy?

Nei, það er hægt að bæta við gervi ssl security á phishing síður