开发数据包嗅探器来判断流量是否被加密 [英] Develop a packet sniffer to tell if the traffic is encrypted
问题描述
如果我的问题似乎有点不专业,我很抱歉,我毕竟不是一个开发人员。
My apologies in advance if my question seems a little unprofessional... I am not much of a developer after all.
作为我大学项目的一部分,我需要开发一个在网络上侦听并判断流量是否被加密的程序?重要的是要知道到达网络端的流量是否加密,知道加密的类型和算法并不重要。
As part of my university project I need to develop a program that will listen on the network and tell whether the traffic is encrypted or not? What's important is only to know if the traffic coming to a network end is encrypted and it's not really important to know the type and the algorithm of the encryption.
我真的有没有线索从哪里开始如果有人可以给我一些关于要查找的线索,我会很感激。
I really have no clue where to begin. I'd appreciate it if anyone could give me some clues on what to look for.
提前感谢...
推荐答案
虽然GregS的答案当然是正确的,但区分加密文本的最好办法是查看应用程序使用的协议。例如,如果浏览器加密任何东西,可能是使用SSL来完成的。远程终端使用SSH。
Although the answer of GregS is of course correct, the best way to distinquish encrypted text is to look at the protocol used by the application. For instance, if browsers encrypt anything, it's probably done by using SSL. Remote terminals use SSH.
尽管密文大部分是随机字节,您可以区分加密协议。如果这足够取决于你的用例。作为第一步,许多协议默认使用特定的服务器端口;这可以用作启发式,所以您可以先检查该端口的最常用协议。
Although the cipher text is mostly looking as random bytes, you can probably distinquish the encryption protocols. If this is enough depends on your use case. As a first step, many protocols use a specific server port by default; this can be used as a heuristic so you can check the most common protocols for that port first.
这篇关于开发数据包嗅探器来判断流量是否被加密的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
