Plaintext Protocols: What Attackers See
Examine real Wireshark captures of unencrypted HTTP, FTP, and Telnet traffic.
HTTP: Everything in the Open
HTTP transmits all data as plain ASCII text with no encryption. When you submit a login form over HTTP, the browser sends a POST request containing your username and password in cleartext. Anyone on the same network segment, or any router between you and the server, can read the complete request including credentials, session cookies, and any sensitive form data.
Telnet: Legacy Remote Access
Telnet was the standard remote terminal protocol before SSH. Every keystroke typed in a Telnet session travels to the server as a single unencrypted TCP packet. An attacker capturing network traffic sees not just the username and password at login but every command typed and every line of output displayed, enabling complete session hijacking with no cryptographic barriers.
All lessons in this course
- Plaintext Protocols: What Attackers See
- How Packet Capture Works
- Encrypted Traffic Analysis
- DNS Security: DoH and DoT