摘要
在一般的Internet站点中,用户通过输入用户名和密码进行登录的方式来获得授权、浏览相应网页、获取相应资源。通常HTTP协议采用的是明文传输方式,用户名和密码非常容易被黑客得到,所以我们必须采用加密协议。文章利用Ethereal抓包工具细致地剖析了SSL的加密过程,对无加密和有加密两种情况得到的结果进行对比,验证了SSL的有效性,并提供了SSL的详细配置,有效地解决了安全登录的问题。
On the normal Internet websites,a user gets authorization by login with his username and password,and then he can browse relevant web pages and obtain relevant resources.But in general HTTP protocol uses cleartext transmission,that hackers can very easily capture usernames and passwords,so we must use encryption protocol.We analyze SSL encryption process in detail by using Ethereal packet sniffer,compare the result with encryption by SSL and without it,verify the effectiveness of SSL,and offer the detailed configuration of SSL,which solves secure login problem effectively.
出处
《计算机时代》
2011年第2期28-30,共3页
Computer Era
