Can port numbers of SSL connections be sniffed?

2

I know that using SSL doesn't stop third parties from seeing what you're connecting to. Does it also not protect against third parties seeing what port you're connecting on?

Blacklight Shining

Posted 2012-08-23T21:00:07.993

Reputation: 2 127

Answers

7

Yes, they can.

To test this, I opened Wireshark and browsed an SSL-encrypted website.

Encapsulation is as follows:

  1. Frame
  2. Ethernet
  3. IP
  4. TCP
  5. SSL/TLS
  6. Application protocol such as HTTP or SMTP (which contains your data).

Another proof of concept would be this: If the port numbers were encrypted, a layer 3 device such as a NATing router would have no idea where to forward the traffic to.

Erik

Posted 2012-08-23T21:00:07.993

Reputation: 86

So only things in layers five and six are encrypted? What exactly does each of the layers contain? – Blacklight Shining – 2012-08-23T21:34:23.633

2

@BlacklightShining Explaining each of the layers is a bit beyond the scope of comments here, but you should look up the OSI Model for how data is ideally separated into layers, and the TCP/IP Model for how data is realistically separated into layers (because some of the distinctions in the OSI model are not worth the processing overhead, some layers are merged into a single layer in the TCP/IP model).

– Darth Android – 2012-08-23T21:57:07.840
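The encapsulation listed in the answer above, as an added example that is not part of the original thread: a constructed frame is parsed the way any on-path device parses it, showing that the TCP ports sit in cleartext headers outside the TLS record. The addresses (documentation ranges), the ports 51514 and 8443, and the stand-in "ciphertext" bytes are all assumptions made up for the sample.

```python
import struct

def build_frame(src_port, dst_port, ciphertext):
    """Constructed sample frame: Ethernet / IPv4 / TCP / one TLS record."""
    # TLS record header: type 23 (application data), version 0x0303, length.
    tls = struct.pack("!BHH", 23, 0x0303, len(ciphertext)) + ciphertext
    # 20-byte TCP header: ports, seq, ack, data offset 5 words, PSH+ACK.
    tcp = struct.pack("!HHIIBBHHH", src_port, dst_port, 1, 1,
                      5 << 4, 0x18, 65535, 0, 0)
    # 20-byte IPv4 header, protocol 6 (TCP); checksums left at 0 here.
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(tcp) + len(tls),
                     0, 0, 64, 6, 0,
                     bytes([192, 0, 2, 10]), bytes([198, 51, 100, 20]))
    eth = bytes(12) + struct.pack("!H", 0x0800)  # zeroed MACs, EtherType IPv4
    return eth + ip + tcp + tls

def observe(frame):
    """Return what an on-path observer reads without holding any key."""
    if struct.unpack("!H", frame[12:14])[0] != 0x0800:
        raise ValueError("not an IPv4 frame")
    ip = frame[14:]
    ihl = (ip[0] & 0x0F) * 4            # IPv4 header length in bytes
    if ip[9] != 6:
        raise ValueError("not TCP")
    tcp = ip[ihl:]
    src_port, dst_port = struct.unpack("!HH", tcp[:4])
    payload = tcp[(tcp[12] >> 4) * 4:]  # skip TCP header and options
    rec_type, version, rec_len = struct.unpack("!BHH", payload[:5])
    return {
        "src": (".".join(map(str, ip[12:16])), src_port),
        "dst": (".".join(map(str, ip[16:20])), dst_port),
        "tls_record_type": rec_type,
        "tls_version": hex(version),
        "opaque_bytes": rec_len,        # size is visible, content is not
    }

# Constructed input: stand-in bytes play the role of ciphertext.
SAMPLE = build_frame(51514, 8443, bytes(range(48)))

if __name__ == "__main__":
    for field, value in observe(SAMPLE).items():
        print(f"{field}: {value}")
```

Only the bytes after the 5-byte TLS record header are protected; everything `observe` returns is read from headers that have to stay readable for the packet to be routed and delivered.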