Posted by David Tulloh on 11/24/05 03:16

I find the LiveHTTPHeaders extension for firefox to be very good for
this kind of thing.
http://livehttpheaders.mozdev.org/

It gives you a realistic (as opposed to theoretical) view of exactly
what is being sent between the browser and the server. Networking
details that you listed like the mac address are handled in the
networking layer rather than by the browser, you probably also want to
look up TCP/IP headers.


David

bruce wrote:

>hi...
>
>this might not be a php question but might still provide interest...
>
>I'm working on a project, and need to know if there's anyone who's a guru
>with Web Server/Client interactions. Basically, I'm trying to get a much
>better/deeper understanding of the HTTP protocols defining the information
>that is sent/transfered between the web server/client browser apps.
>
>I'm interested in understanding what the various information is that gets
>transfered between the apps, as well as understanding what information can
>be spoofed/altered on the client side, as it goes back to the server.
>
>I know you can get the querystring information from the
>get/put/request/etc... I'm more interested in any other information that
>gets transferred as potentially part of the header structure, like machine
>id, mac address, date/time, etc.... I'm interested in whether this can be
>spoofed/altered, and potentially rendered invalid by a 'man in the middle'
>type of attack.
>
>Searching google isn't getting me what i really want!!
>
>So, if you have the skills/expertise in this area, and you're willing to
>talk to me for a few minutes, I'd appreciate it. As stated, the underlying
>reason for the questions is to get a better understanding of 'man in the
>middle attacks' as this applies to web server apps.
>
>Thanks
>
>bruce
>bedouglas@earthlink.net
>
>
>

[Back to original message]