On 12/09/2014 07:43 AM, iMath wrote:
在 2014年12月9日星期二UTC+8下午2时58分36秒,iMath写道:
my software on the local machine needs to send http request to a specific web
server , is there any way to protect the http request url from being found by
Packet analyzer software like Wireshark and fiddler. The sever is not mine, so
I can do nothing in the server .
It would be better to show some code, I am an absolutely newbie in encryption .
I don't know any form of encryption that the server _does_ support, the sever
is not mine.
Here I just don't want to any other guys using packet analyzer software know
which server my software is sending data to
There's a lot you're leaving out about the network topology.
The answers to avoiding/confusing someone else's packet sniffer are either:
1) change the content so they can see where it's going, but have no idea why
3) use a route that doesn't go past their sniffing software
2) change the data traffic so they don't recognize where it's going
Encryption solves the 1st. The problem is that the other end has to
know the encryption scheme you're using, and cooperate in using it.
From what you're saying, that can't happen.
The best way to solve the 2nd is to move your laptop to some place your
sniffers don't have visibility to. And make sure the route from your
laptop to the server does not go near the sniffers. Maybe you could
talk the receptionist of the building where the server is into letting
you plug in there. Or you could use a library or other public wifi,
where you hope they're not nearby (in a network topology sense).
The third approach involves something like a proxy. You send encrypted
data to the proxy, which then decrypts it and resends it to the server.
The server responds to the proxy, which encrypts the response and sends
it to you. There are many things similar to this, used by crackers all
over the world, as well as for some legitimate purposes. One legitimate
proxy-like thing many of us have used is an ip-tunnel like a VPN. I
have telecommuted to jobs where my access into the corporate network is
via VPN, and all a sniffer at my house would see is access to a single
machine, not to the final machine within the company network.
It probably would be best if you explained the actual scenario. Are you
trying to get to black-listed sites from within a corporate environment,
and afraid the company IT department will detect it and get you fired?
Best answer is to do it at home instead, where they're unlikely to have
access.
If you wind up needing a proxy, you have to open an account with them,
and make the arrangements. I've enabled a proxy for my machine when it
was necessary, but have no idea how to program it; it also may vary
depending on the proxy server.
--
DaveA
--
https://mail.python.org/mailman/listinfo/python-list
