Protocols: HTTP and HTTPS

Video Activity

Protocols: HTTP and HTTPS This lesson covers HTTP and HTTPS protocols: Hypertext Transfer Protocol (HTTP): This TCP works in web browsers, the browser sends a 'get' request to a web page and all the information is in interpreted into what we see on the screen when we access a web site. All information passed over HTTP is in Clear Text. Hypertext Tr...

Start your free 3-day trial and become one of the 3 million Cybersecurity professionals advancing their career goals
Sign up with

Already have an account? Sign In »

31 hours 29 minutes
Video Description

Protocols: HTTP and HTTPS This lesson covers HTTP and HTTPS protocols:

  • Hypertext Transfer Protocol (HTTP): This TCP works in web browsers, the browser sends a 'get' request to a web page and all the information is in interpreted into what we see on the screen when we access a web site. All information passed over HTTP is in Clear Text.
  • Hypertext Transfer Protocol Secure (HTTPS): This is encrypted HTTP; the information is not in Clear Text. This is used on banking web sites.
Video Transcription
next we have our http and https protocols. Now, http stands for hypertext transfer protocol. You may have heard of HTML, which is hypertext markup language is the language which hypertext transfer protocol interprets to display web pages.
HTML is the programming language which we used to develop. Web pages
and http, is the protocol which transfers
those those Web pages which transfers that programming
so are brought. Web browsers are going to be our typical program, which, which pulls this hypertext transfer protocol packets and our hypertext transfer protocol works over Port 80
TCP again. TCP being our connection based protocol. So wanna verify we have a connection with a Web server
and verify that all the packets were getting are in order and there correct.
So report 80
Now, when we're running over http and we're using our Web browser, what are Web browser does is it sends a git request to a Web server for a particular page. So www dot whichever dot com we're sending a get request
to that Web server for its index page, or it's www page or whichever page it displays
as it's
first page, which is gives us because
all in all Web pages when they're being displayed to us,
All they are is a file
with with programming inside of them.
And we're asking that Web server we're asking to get that file.
And once we get that file, it's transferred over to us with http, and then our browsers interpret that into what we see on the screen.
And then as we navigate through the individual Web pages, we see slashes and we see different names were simply just on the same server, going to different files on the same server.
So Web pages orjust Bunches of files and data bases that are browsers were taking that information and interpreting. And the way they get that information is by sending a get request over Port 80 http and then getting that information back.
All information passed over standard http is clear text.
If you look at your u R l and you see http, colon forward slash forward slash Whatever.
All the information you see on your page is clear text, which means that it's not encrypted.
So if hypothetically you were plugged into a hub or you're connected to a wireless anyone else on that hub on that wireless or anyone else that can sniff your traffic can see exactly what you're looking at
because it's http. It's all in clear text. There's nothing hidden about it.
we do need some Web page information that we get to be encrypted. We don't want our bank account information to be clear text, because if all of our Loggins on our bank account information we're clear text Anyone who was on our same network that could see our traffic say anyone on our same wireless or anyone connected to us over hub
running wire shark can easily pull that information.
There are some websites that are badly designed that have very, very bad security that may be used. Log in pages that are, http.
um, I
done demonstrations before where all you have to do is take wire shark, install it on a laptop installing on a computer, and then connect to that same network and then use wire shark to capture the packets. And the http packet, which
contains the log in information which contains the request in the scent log in information
is very clearly marked and convey very easily be found with the same simple search string. You simply filtered the packets that wire shark is captured. It will show you the packets which match the filter that you applied and you open one up and you say, Oh, this is log in information. This is the website. It was that the user was that when they entered the information,
this was the user name, and this was the password.
That's if you're using your at a log in page that is Http. So be very careful. When you're logging in tow websites or you're creating a website and your log in page, you don't want that log in page or any pages where, um,
a user would be receiving confidential information to be http. That's why you always hear when you're buying things online, make sure there's a little lock in the corner. What is the little lock?
The little lock means you're transmitting over https and you'll see that when you're on log in pages or when you're on pages where you're entering credit card information or doing purchasing, or even when you're doing some Google searches, because there's Google searches, maybe information that you don't want to share with everybody you don't want just everybody knowing what your Google searching
they don't want. You don't want everybody knowing about that scab that you have on your on your on your arm. You want that to be personal information?
So https is http secure
and this is encrypted
hypertext transfer protocol.
Now, this is going to transfer over port 443 and it's also gonna be TCP.
And this encrypted http is going to be you be using a certificate
between our client and our server in order to establish communications.
And the information is not clear text. If I would've captured this information with wire shark, if I were to pre performing a man in the middle attack and on Lee sniffing your information, then I wouldn't be able to apply that same string that I did with http Loggins and find your log in information.
Your log in information is encrypted. I don't have the certificate between you and the server.
So what is this certificate?
Well, a certificate is a piece of information that we you are. It's a piece of data that we can use to encrypt our weaken. Used to encrypt our traffic between us and a server that let's not only us, no, but let's the server know that the other person is who they say they are.
So let's say we're trying to connect to facebook dot com
Now facebook dot com will issue a certificate. If we're on an https page that says, Hey,
you're on an encrypted page right now
and here's my certificate toe let you know that I am who I say I am. I am actually the facebook dot com server. I'm not
Facebook hacker Russia dot com server
So will be issued that certificate toe. Let us know that they are who they say they are now.
Ah, fake website can have their own certificate.
Just because the website has a certificate doesn't mean you should give them all your information.
You don't want to go to https Russian hacker dot com and give them all of your information.
Unless Russian hacker dot com is a legitimate business. I haven't checked recently.
Um, but
that certificate between the client and the server is simply
the servo, letting you know that you are who you say you are, and the client letting the server know that they are who they say they are. So those communiqu that communication can proceed, encrypted and that communication is going to be secure.
the server side certificate is letting us know that
facebook dot com is actually facebook dot com. And it's not someone sitting over in the same coffee shop. Is us pretending that their facebook dot com that's what the certain vested, what our certificate is going to do.
https is our encrypted. Http. It's how we send information over the Internet encrypted. There are still other security measures which we need to take in order to verify that that information is secure and that we're not. We don't we aren't using a proxy that's taking your information, or we aren't hitting a particular
device that is performing SSL stripping,
but those air a little bit more little bit more higher level concepts that we may get into into security plus or maybe even later in this particular module. But all we need to know for https is that it's running over port for for three. It stays for encrypted Http, and it's how we send information encrypted over the Internet
and that it's a TCP protocol
Up Next
CompTIA Network+

This CompTIA Network+ certification training provides you with the knowledge to begin a career in network administration. This online course teaches the skills needed to create, configure, manage, and troubleshoot wireless and wired networks.

Instructed By