Xfeatures 3 Posted ... Hi all, I'm hoping for an answer on this, i'll show you the setup first then the question. Here's the setup: Linux server running web server and using AirVPN(Eddie)port forwarding a HTTP port 80 web page with chat function----(no HTTPS)IIIConnected to InternetIIServing the webpage using AirVPN Exit IP and Forwarded PortIIWindows 10 client connecting to AirVPN Exit IP and Port via web browser and then using the web chat service in http not in https.The Windows 10 client is not running a VPN or any special software. The Question: Is the connection between the client and the AirVPN exit node encrypted even though the client doesnt have VPN software installed? I know that that might sound silly but I would have thought the answer would have been no, so to check this I MITM my WiFi connection but could only see QUIC, TCP, UDP and HTTP coming from the client in Wireshark. The QUIC UDP were encrypted payloads and I searched the HTTP packets data for the plain text messages I was sending in the chat page but couldn't find it, in fact none of the packets were readable other than the source and destination parts. So to recap: Is the clients connection to the AirVPN Exit nodes IP and PORT encrypted? and if so how when im not running a vpn? is it the session to the airvpn exit node? can the data be read in plain text the same way it would on a normal LAN if i was doing packet capture on the HTTP? Please discuss Quote Hide Xfeatures's signature Hide all signatures “It takes years to build a reputation and few minutes to ruin it.” Share this post Link to post
nick75 25 Posted ... Hi, A VPN only protects what happens between the device running OpenVPN and the VPN server — provided that you took the necessary steps to prevent leaks.If you want the rest of the traffic to be protected you'll have to enable HTTPS or SSH port forwarding. I searched the HTTP packets data for the plain text messages I was sending in the chat page but couldn't find it, in fact none of the packets were readable other than the source and destination parts. If it's in plain text (http), you must have missed it. Quote Share this post Link to post
Xfeatures 3 Posted ... If it's in plain text (http), you must have missed it. Ok so i just ran a Wireshark again and managed to get a bit better of an understanding.... (a little bit of sleep helped lol) I closed as much stuff as i could running on my client machine and connected to my web chat via the AirVPN IP and forwarded port. Turns out that the HTTP packets were actually from AVAST The TCP packets were capturing the webpage connection as expected but when i sent messages using thein browser chat they were sent as a WebSocket and it had a masked payload. that's why i couldn't find my messages lol. https://docs.tibco.com/pub/api-exchange-gateway/2.2.0/doc/html/GUID-23A6FCC8-3527-4EF2-ACD0-895A5A2ACE21.html See attached pictures. Needless to say I will be changing to HTTPS anyway but it was a good experiment. 1 OpenSourcerer reacted to this Quote Hide Xfeatures's signature Hide all signatures “It takes years to build a reputation and few minutes to ruin it.” Share this post Link to post
Not connected, Your IP: 18.226.93.209
Online: 22817 users - 261885 Mbit/s total BW