Wiki Network
How does Wireshark sniff the network traffic on OSX?
On OSX, Wireshark use /dev/bpf* which is the OSX system's packet capture devices.
On Linux, Wireshark use socket to capture the network interface such as eth0.
TCP handshake
TLS handshake
https://www.cloudflare.com/learning/ssl/what-happens-in-a-tls-handshake/
Proxy vs Reverse Proxy
Certainly! Let's explore the key differences between a proxy and a reverse proxy:
- Proxy (Forward Proxy):
- Acts as an intermediary between clients (users or devices) and the internet.
- Forwards client requests to the internet resource (e.g., a website).
- Provides:
- client anonymity
- caching
- traffic control
- request/response transformation.
- Commonly used for bypassing content filters and accessing restricted content.
- Examples include:
- Squid
- Proxy
- Tor
- Charles Proxy
- HTTP Toolkit
- MITM Proxy
- Fiddler Proxy
- Reverse Proxy:
- Sits in front of one or more web servers.
- Forwards server responses to clients (users or devices).
- Offers benefits like:
- server anonymity
- load balancing
- DDoS protection
- URL/content rewriting.
- Used for improving server performance and enhancing security.
- Examples include:
- Nginx
- Traefik
In summary, a proxy handles client traffic, while a reverse proxy shields servers by managing requests and responses.
Proxy
Man-in-the-middle(MitM)
https://httptoolkit.com/docs/guides/android/
https://docs.mitmproxy.org/stable/concepts-howmitmproxyworks/