I have a bunch of network data and I would like to determine if it is either 1) encrypted or 2) compressed. I doubt it is both, but the potential exists. If I am assuming that the traditional compression headers are stripped (preventing me from simply running file on the data), then how would you determine whether the data I am looking at is either compressed or encrypted, if it had to be one?
The reason I would think that the compression headers are stripped is because it would be unnecessary information considering both the client and the server know the exact method to compress and decompress the data.
Examples of the application-layer data is posted on http://pastebin.com/0VdR8XQ4 and http://pastebin.com/cF81RTkj