Thank you for the calm and relaxed way you manage to convey content without any form of sensation seeking or unnecessary shouting like many other youtubers do.
Learn how to decrypt TLS, HTTP/2 and QUIC using Wireshark. // MENU // 0:00 ▶ Introduction 1:25 ▶ What is HTTPS vs HTTP2 vs QUIC 6:30 ▶ What is QUIC 9:42 ▶ How long have we been using QUIC 10:12 ▶ Technical tour of QUIC 14:18 ▶ Why use QUIC instead of TCP 17:48 ▶ QUIC negotiation and support 19:04 ▶ Steps to decrypt TLS 20:04 ▶ Is Wireshark useless without the decryption keys 22:16 ▶ MITM 23:47 ▶ Advice on how do I learn Wireshark 25:40 ▶ TCP/IP Illustrated book 25:54 ▶ Rather focus on learning protocols instead of Wireshark 26:35 ▶ Next video ideas // LINKS // PCAP file: davidbombal.wiki/ssldecryptionpcap Previous video: ua-cam.com/video/GMNOT1aZmD8/v-deo.html How to Decrypt SSL with Wireshark - HTTPS Decryption Guide: davidbombal.wiki/sslwireshark Man in the middle Python script: ua-cam.com/video/O1jpck31Ask/v-deo.html Chris shows TLS decryption: ua-cam.com/video/5qecyZHL-GU/v-deo.html Chris Intro to Wireshark: ua-cam.com/video/OU-A2EmVrKQ/v-deo.html // MY STUFF // www.amazon.com/shop/davidbombal // SOCIAL // Discord: discord.com/invite/usKSyzb Twitter: twitter.com/davidbombal Instagram: instagram.com/davidbombal LinkedIn: www.linkedin.com/in/davidbombal Facebook: facebook.com/davidbombal.co TikTok: tiktok.com/@davidbombal UA-cam: ua-cam.com/users/davidbombal //CHRIS GREER // Udemy course: davidbombal.wiki/chriswireshark LinkedIn: www.linkedin.com/in/cgreer/ UA-cam: ua-cam.com/users/ChrisGreer Twitter: twitter.com/packetpioneer // SPONSORS // Interested in sponsoring my videos? Reach out to my team here: sponsors@davidbombal.com Please note that links listed may be affiliate links and provide me with a small percentage/kickback should you use them to purchase any of the items listed or recommended. Thank you for supporting me and this channel!
I feel it's important to convey information of this level of sensitivity in a calm way so that the information finds its way to the brain and remains there. You guys have done justice to the topic and the manner of rendering. Thank you, a lot.
I remember my teacher in college trying to tell me that HTTPS was secure in 2012. It was not secure in 2012, he tried to make me look like an idiot even though I showed him proof. Thanks for the video David and Chris!
One always has a chance to avoid MITM when looking at the certificate. HTTPS is not rendered unsecure when one decides to disregard the alarms and trust the connection
#David & #Chris, You both are brilliant human beings. You create videos with higher honesty so that people can learn and earn and you guys never keep any suspense for the viewers. I have observed, that you always ask the correct question even if the guests try to divert from the main topic. Wonderful work for the community. You deserve a lot of blessings. You can understand how much satisfaction I have watching your series.
One complication I've run into is tracing the QUIC back to STUN and TCP. I've created various profiles to help me visualize the UDP Stream, then to the QUIC and STUN IDs. Also, I've been doing performance analysis using TCP with encrypted payloads for a good while now...TCP behavior analysis provides as gold mind of practical performance data show which direction latency is coming from, TCP deadlocks, etc. TCP Illustrate is one of the best, if not the TCP learning narratives. Great Video!
Thing to remember that QUIC was needed because the TCP and UDP protocols cannot be upgraded because the internet connections are full of hardware called middle boxes that can't get firmware upgrades. To provide a better protocol, QUIC was built on top of UDP to give the benefits of TCP without too many of the overheads of TCP.
But that sounds like it takes away the benefits of TCP ? Also what are middle box’s what’s the official name ? Also can someone hijack the Quic connection ID steal the response from the target and use them to impersonate the target to hijack the stream ? Making the server feels like yeah this is the same device only different ip ?
03:45 Thanks David for adding this addon (within the main session). Otherwise, it creates confusion that, on one side, Chris mentioned that everything is happening on one TCP session and, on the other side, Chris mentioned "You can think of each stream as an individual TCP connection." So, basically everything is happening on the main TCP connection but due to advance functionality of the HTTP 2.0, multiple streams are working as on separate TCP connection for better functionality and better user experience.
I would like to see a video on how to identify the dodge stuff happening. They way Chris explained on how can we go ahead and find it out that’s interesting. Please make that content as soon as possible
Thank you so much for this! This helps me a lot in my CS-degree. My lectures often just name drop all of this protocols and jargon, but don’t really go over them I practice - so these vids are really helpful to give my curriculum some context. Keep up the good and important work guys!
This's so thoughtful of you guys... Delivering such a tutorial you have provided a lot of information in a simplified way. Thank you so much #David & #Chris for that
Packets are so cool man! I was so hyped watching this video and seeing how all of this data is around us. Thanks for helping me understand this information
Both the gurus I follow 🙌 Chris you and Lisa Bock have really helped my journey with Wireshark. David of course you are genius - has helped me step up GNS3 labs and helped me with NETMIKO Automation!! Thank you guys for revolutionizing Network Industry!! We definitely need people like you to ease the pain points in Networking.
I've been following QUIC for many moons now, as soon as I had the chance to switch over i did. The speed of UDP with TLS 1.3 is far superior. Doing huge data dumps is so much faster and it's much more reliable and secure.
Another smash hit from the David and Chris Show! Just what the doctor ordered and there's even a part 3 on the horizon - boy are we in for a treat... I wonder what's in store for Christmas 😀🥳🌲
Hii, David, I am a new subscriber. I am sad that I didn't find your channel before. I bought multiple of your course at a discount. I am excited to put in the time and hours during this winter. I was hoping to see a roadmap for 2022.
Around 00:18:12 Chris says he has a client who cannot utilize QUIC because they "don't trust UDP over 443" and have it blocked. What would make them so wary as to block it altogether? I'm sure it happens I'm just unable to understand the particular reason(s) why a network may choose to have it blocked.
I thought multi-path TCP would be the evolution on transport layer, now I am skeptical. Edit: OH! Now I did a litle google search, and came across Multi-Path QUIC. My head just exploted !!
Not to mention this will make it more difficult to do port scanning.. Especially, if the firewall filters ICMP responses. For example, if I'm running an API over QUIC using port 34000 for an IoT device and my IoT software firewall filters port unreachable ICMP that port will look the same as any other... You'd have to craft a QUIC initial packet and assume it's QUIC for each port or simply MITM the device. With TCP all ports that are open must respond to a SYN.
You could technically guard against this too.. if the IoT device connected to your Wi-Fi and then got time from NTP and your phone app does the same you both have a time reference to prevent packet replay attacks. Then the IoT device could not listen for anything until an encrypted broadcast packet hit it telling it to listen on port X for Y time which would be a PSK at the time of factory. You could MITM it to see what port was picked for this session but it would be encrypted and make it more difficult to reverse engineer - likely moving to disassembling the app or IoT device itself.
Hello, was wondering if the decryption could be done using a MITM, for instance the MITM proxy...Would be great to see that happening perhaps in ur next video with Chris!!!!
Love this content David and Chris! I'm doing a project for my DFIR Class and we are using wireshark to analyze the packets thanks for this helps to understand more.
I would really appreciate it guys if you could illustrate how can we use wireshark to analyze WhatsApp web packages and be able to identify the location of the sender, that's for the 1st Qs 2nd question is : how hackers can use our ip address and specify which websites we have registered to using our email and pswd, i've heard that in a video but they didn't show what tool they use to get the websites we sign up to using the ip address I want to whether or not this is true And thank you for such quality content, really helps
So im confused, if you wanted to decrypt QUIC or TLS for a specific IP (assuming android, MAC or Windows host) you would need to extract the keys for all those end hosts and then check the packets for said hosts?
Hi all, this was a great session. I'm blown away. Question though, doesn't QUIC inhibits security appliances from detecting or scanning the user's traffic, for example, a user at the corporate website visited a website that was prohibited, if QUIC was used to open the session to access the website, the security appliance would not be able to block the website, is that correct?
Isn’t IPSEC considered a different transport protocol than TCP & UDP? Since it has its own IP protocol number (ESP 50 and AH 51) or are these being used less frequently? I know AH breaks with NAT so isn’t used that often except gateway to gateway tunnels.
Hello Thomas! I wouldn't describe QUIC as a tunnel, but as a transport layer protocol of it's own that handles the TLS encryption piece as a part of the protocol. The TCP part that you see in the video is only necessary because the browser first reached out to establish a connection over TCP/TLS. As time goes on, as QUIC becomes more common and middle boxes are configured to forward it (some companies block it) the browser will default to QUIC for some connections.
THANK YOU , THANK YOU , THANK YOU, if I keep saying thank you wont be enough , the information shared here is enough to pass and impress an employer , really thank you David , ad Chris . I know I wont use these info daily as I am a network engineer but the knowledge is worthy . May God bless you all.
Does QUIC have any packet format or does it uses UDP's one coz I remembered in UDP there is no part like destination id but needed some clarifications here Thanks😊
I have a question boss what if quick connection I'd compromise, I mean as you said quic doesn't initiate a new handshake if disconnected and resume from same What if next time the destination is a attacker machine who knows your quic connection id and can respond with wrong data.. If my question is incorrect then also please let me know.. Thanks and lots of love to both of u
Hello Vijay - that is a great question. So... short answer. The QUIC protocol has the potential of sending data in the initial packet of the handshake with a server that it has previously connected to. However, in practice we don't yet see this in use. QUIC handshakes every time. One of the concerns to deploying this feature in the wild is the exact one you mentioned, an attacker initiating the new connection. Stay tuned as the industry and the protocol gives us more detail around how QUIC will address this concern!
awsome video. it shall help me with configuration of wafs. only 1 statement is not totally true at this stage of the draft. the first packet of quic is essentially http 1.x or http 2 where the tcp handhake happens and the trust of the connection is build. whould quic work without http1 or http2?
This is a very educative piece. Brilliant conversation and enlightening. Thanks Dave and Chris
Glad you enjoyed it David!
Thank you for the calm and relaxed way you manage to convey content without any form of sensation seeking or unnecessary shouting like many other youtubers do.
Trueee so calm and respectfull and brooo this is so nice to learn with that kind of attitude
Totally agree. I learn better from a conversational pace. Absorption is key.
Learn how to decrypt TLS, HTTP/2 and QUIC using Wireshark.
// MENU //
0:00 ▶ Introduction
1:25 ▶ What is HTTPS vs HTTP2 vs QUIC
6:30 ▶ What is QUIC
9:42 ▶ How long have we been using QUIC
10:12 ▶ Technical tour of QUIC
14:18 ▶ Why use QUIC instead of TCP
17:48 ▶ QUIC negotiation and support
19:04 ▶ Steps to decrypt TLS
20:04 ▶ Is Wireshark useless without the decryption keys
22:16 ▶ MITM
23:47 ▶ Advice on how do I learn Wireshark
25:40 ▶ TCP/IP Illustrated book
25:54 ▶ Rather focus on learning protocols instead of Wireshark
26:35 ▶ Next video ideas
// LINKS //
PCAP file: davidbombal.wiki/ssldecryptionpcap
Previous video: ua-cam.com/video/GMNOT1aZmD8/v-deo.html
How to Decrypt SSL with Wireshark - HTTPS Decryption Guide: davidbombal.wiki/sslwireshark
Man in the middle Python script: ua-cam.com/video/O1jpck31Ask/v-deo.html
Chris shows TLS decryption: ua-cam.com/video/5qecyZHL-GU/v-deo.html
Chris Intro to Wireshark: ua-cam.com/video/OU-A2EmVrKQ/v-deo.html
// MY STUFF //
www.amazon.com/shop/davidbombal
// SOCIAL //
Discord: discord.com/invite/usKSyzb
Twitter: twitter.com/davidbombal
Instagram: instagram.com/davidbombal
LinkedIn: www.linkedin.com/in/davidbombal
Facebook: facebook.com/davidbombal.co
TikTok: tiktok.com/@davidbombal
UA-cam: ua-cam.com/users/davidbombal
//CHRIS GREER //
Udemy course: davidbombal.wiki/chriswireshark
LinkedIn: www.linkedin.com/in/cgreer/
UA-cam: ua-cam.com/users/ChrisGreer
Twitter: twitter.com/packetpioneer
// SPONSORS //
Interested in sponsoring my videos? Reach out to my team here: sponsors@davidbombal.com
Please note that links listed may be affiliate links and provide me with a small percentage/kickback should you use them to purchase any of the items listed or recommended. Thank you for supporting me and this channel!
Sure David sir
Hi i got a question in a cisco router how to i assign myself a autonomous system number? when i get one from a internet registry.?
I feel it's important to convey information of this level of sensitivity in a calm way so that the information finds its way to the brain and remains there. You guys have done justice to the topic and the manner of rendering. Thank you, a lot.
I remember my teacher in college trying to tell me that HTTPS was secure in 2012. It was not secure in 2012, he tried to make me look like an idiot even though I showed him proof. Thanks for the video David and Chris!
why was it not secure?
@@dean6125 not https was insecure, some libs where. en.wikipedia.org/wiki/Heartbleed
One always has a chance to avoid MITM when looking at the certificate. HTTPS is not rendered unsecure when one decides to disregard the alarms and trust the connection
#David & #Chris, You both are brilliant human beings. You create videos with higher honesty so that people can learn and earn and you guys never keep any suspense for the viewers. I have observed, that you always ask the correct question even if the guests try to divert from the main topic. Wonderful work for the community. You deserve a lot of blessings. You can understand how much satisfaction I have watching your series.
One complication I've run into is tracing the QUIC back to STUN and TCP. I've created various profiles to help me visualize the UDP Stream, then to the QUIC and STUN IDs. Also, I've been doing performance analysis using TCP with encrypted payloads for a good while now...TCP behavior analysis provides as gold mind of practical performance data show which direction latency is coming from, TCP deadlocks, etc. TCP Illustrate is one of the best, if not the TCP learning narratives. Great Video!
Thing to remember that QUIC was needed because the TCP and UDP protocols cannot be upgraded because the internet connections are full of hardware called middle boxes that can't get firmware upgrades. To provide a better protocol, QUIC was built on top of UDP to give the benefits of TCP without too many of the overheads of TCP.
But that sounds like it takes away the benefits of TCP ?
Also what are middle box’s what’s the official name ?
Also can someone hijack the Quic connection ID steal the response from the target and use them to impersonate the target to hijack the stream ?
Making the server feels like yeah this is the same device only different ip ?
@@ko-Daegu this was my immediate thought. I can only assume that the keys are required too
To me it sounds like udp over TCP. Udp being the protocol that quic is taking advantage of.
03:45 Thanks David for adding this addon (within the main session). Otherwise, it creates confusion that, on one side, Chris mentioned that everything is happening on one TCP session and, on the other side, Chris mentioned "You can think of each stream as an individual TCP connection." So, basically everything is happening on the main TCP connection but due to advance functionality of the HTTP 2.0, multiple streams are working as on separate TCP connection for better functionality and better user experience.
Amazing teachers. I am so blessed I'm learning all this for free and at the highest quality. Thank you gentlemen.
IKR
I would like to see a video on how to identify the dodge stuff happening. They way Chris explained on how can we go ahead and find it out that’s interesting. Please make that content as soon as possible
That video is coming soon 😀
Identify is certainly
@@davidbombal did it ever came ? soooo looking forward to watching it @david
Thank you so much for this! This helps me a lot in my CS-degree. My lectures often just name drop all of this protocols and jargon, but don’t really go over them I practice - so these vids are really helpful to give my curriculum some context. Keep up the good and important work guys!
hi Mr Bombal it's such good opportunity that chris is here and so we can get the advantage to learn from both of you guys God bless u both thx
You're welcome Majid
Thanks for the comment Majid! Great to meet you.
This's so thoughtful of you guys... Delivering such a tutorial you have provided a lot of information in a simplified way. Thank you so much #David & #Chris for that
Thank you David and Chris for this! I'm still learning a lot of cyber and networking, and you guys are helping A LOT!
watching and learning everyday from this channel. Thank you so much David and Chris
love from Sierra Leone
Thanks David and chris for this precious session. I know now what a QUIC is.
This is brilliant, thanks a lot David & Chris!.
I was just looking for this topic a while ago! Thanks for delivering sir!
I love the detail that these videos are going into. Keep it up!
Just brilliant! Concise and precise information. Thanks to you two.
I really enjoy this duo.
Thank you!
Great stuff! Thanks a lot David & Chris for sharing the knowledge. Your channel really helping with my studies. Bless 🙏
Great to hear that!
Packets are so cool man! I was so hyped watching this video and seeing how all of this data is around us. Thanks for helping me understand this information
Thank you David and Chris for this video. Looking forward for the next video.
Thank you for watching!
Both the gurus I follow 🙌 Chris you and Lisa Bock have really helped my journey with Wireshark. David of course you are genius - has helped me step up GNS3 labs and helped me with NETMIKO Automation!! Thank you guys for revolutionizing Network Industry!! We definitely need people like you to ease the pain points in Networking.
Thanks so much, David and Chris for the wonderful information delivered
Very informative. Keep making this kinda networking and cyber security videos.
Thank you so much!
Deeply in love with your channel and courses in udemy too.
Happy to hear that Peter!
I've been following QUIC for many moons now, as soon as I had the chance to switch over i did. The speed of UDP with TLS 1.3 is far superior. Doing huge data dumps is so much faster and it's much more reliable and secure.
this is interesting, learned a lot . thanks both of you.
This guy Chris, the dude has knowledge they don't kick in college :-) A1 content Dave & Chris
You are the best teacher. Lots of love to U David❤️❤️❤️❤️
Thank you very much!
Another smash hit from the David and Chris Show! Just what the doctor ordered and there's even a part 3 on the horizon - boy are we in for a treat... I wonder what's in store for Christmas 😀🥳🌲
Thank you for watching Nick!
Love You Sir❤
From India in Kerala......🎉
Excellent series. Absolutely loving it!
Awesome, thank you!
Thank you very much for making it simple and easy to comprehend how to use wireshark 🎉
Thank you David and Chris…So nice explanation…..❤️
Thanks David and Chris! Please also do some MITM stuff.
Very interessting topic.... thanks for new Updates 🇩🇪
You're welcome Alex!
Thank you, sir bombal, for your passionate tutorials!
I was waiting for this part! Thank you!
Thanks David for all your great contents and courses, love them.
12:58 can I steal this Conn ID to take over someone else connection and can snoop into their data (maybe even start a MIM attack) or something ?
It's so good sir... Looking forward for more contents with David and Chris sir...😃😃
More to come!
Looking forward to the next installment, which is specifically of interest to me since i have a bit of a cyber stalking issue.
Hii, David, I am a new subscriber. I am sad that I didn't find your channel before. I bought multiple of your course at a discount. I am excited to put in the time and hours during this winter. I was hoping to see a roadmap for 2022.
Very good video!
Actually entertaining and learnt a lot
I'm actually really happy I saw this
Really happy to hear that 😀
Very informative! Thank you! Your channel is amazing!
Glad you think so!
Building the filters and pointing out the weird stuffs from the packets would be fun 😊.. Thank you so much
really super and good information about QUIC, thanks david
Glad you liked it!
You are worth millions respect 🙏
very great questioning and explanation
Awesome videos with Chris! Keep up the good work.
Around 00:18:12 Chris says he has a client who cannot utilize QUIC because they "don't trust UDP over 443" and have it blocked. What would make them so wary as to block it altogether?
I'm sure it happens I'm just unable to understand the particular reason(s) why a network may choose to have it blocked.
great, waiting for more 👏👏👏
Thank you very much for this detailed explanation I appreciate it
Thank you Chris, Thank you David!!! Amazing!!!
Love you guys keep up the good work, hope more videos coming from you guys together.
I thought multi-path TCP would be the evolution on transport layer, now I am skeptical.
Edit: OH! Now I did a litle google search, and came across Multi-Path QUIC. My head just exploted !!
Hey David you make nice and understandable videos keep them coming :)
Thank you!
Another outstanding video!
This video deserves more views
Very informative, thank you!
Thank you for watching!
Really awesome information , Thanks you both sir
Thank you! I really appreciate that!
What a crossover 👏 ❤
Glad you are enjoying the content 😄
wow its is so helpfull, thanks u david keep going the good work.
Glad it was helpful! Thank you!
Quick question😅 LOL, sorry for the pun…. Chris, you are saying that quick is using UDP, and yet I see TCP port 1365 on the video. Why is that? 10:53
Excellent content. Very informative.
Glad you like it! Thank you Nigel!
@Chris, Thanks mate
Great! Glad you liked the content.
Glad you enjoyed the video Abhishek!
Not to mention this will make it more difficult to do port scanning.. Especially, if the firewall filters ICMP responses. For example, if I'm running an API over QUIC using port 34000 for an IoT device and my IoT software firewall filters port unreachable ICMP that port will look the same as any other... You'd have to craft a QUIC initial packet and assume it's QUIC for each port or simply MITM the device. With TCP all ports that are open must respond to a SYN.
You could technically guard against this too.. if the IoT device connected to your Wi-Fi and then got time from NTP and your phone app does the same you both have a time reference to prevent packet replay attacks. Then the IoT device could not listen for anything until an encrypted broadcast packet hit it telling it to listen on port X for Y time which would be a PSK at the time of factory. You could MITM it to see what port was picked for this session but it would be encrypted and make it more difficult to reverse engineer - likely moving to disassembling the app or IoT device itself.
Hello, was wondering if the decryption could be done using a MITM, for instance the MITM proxy...Would be great to see that happening perhaps in ur next video with Chris!!!!
awesome content dave
Thank you Eryc! I really appreciate that!
Againg a usefull video, since old days called Ethereal, Wireshark is a swiss army 💪
Love this content David and Chris! I'm doing a project for my DFIR Class and we are using wireshark to analyze the packets thanks for this helps to understand more.
More of this please 🥰
Really informative one. Thank you
Thank you Raghu!
I would really appreciate it guys if you could illustrate how can we use wireshark to analyze WhatsApp web packages and be able to identify the location of the sender, that's for the 1st Qs
2nd question is : how hackers can use our ip address and specify which websites we have registered to using our email and pswd, i've heard that in a video but they didn't show what tool they use to get the websites we sign up to using the ip address
I want to whether or not this is true
And thank you for such quality content, really helps
So im confused, if you wanted to decrypt QUIC or TLS for a specific IP (assuming android, MAC or Windows host) you would need to extract the keys for all those end hosts and then check the packets for said hosts?
Brilliant content!
Thank you!
Hi all, this was a great session. I'm blown away. Question though, doesn't QUIC inhibits security appliances from detecting or scanning the user's traffic, for example, a user at the corporate website visited a website that was prohibited, if QUIC was used to open the session to access the website, the security appliance would not be able to block the website, is that correct?
Isn’t IPSEC considered a different transport protocol than TCP & UDP? Since it has its own IP protocol number (ESP 50 and AH 51) or are these being used less frequently? I know AH breaks with NAT so isn’t used that often except gateway to gateway tunnels.
you guys rock! thanks for the tips
In short... QUIC is a tunnel in UDP after TCP use for establishing the session with connection ID as key?
Hello Thomas! I wouldn't describe QUIC as a tunnel, but as a transport layer protocol of it's own that handles the TLS encryption piece as a part of the protocol. The TCP part that you see in the video is only necessary because the browser first reached out to establish a connection over TCP/TLS. As time goes on, as QUIC becomes more common and middle boxes are configured to forward it (some companies block it) the browser will default to QUIC for some connections.
What an amazing talk.
THANK YOU , THANK YOU , THANK YOU, if I keep saying thank you wont be enough , the information shared here is enough to pass and impress an employer , really thank you David , ad Chris . I know I wont use these info daily as I am a network engineer but the knowledge is worthy . May God bless you all.
You're welcome Omar! So happy to hear that!
im running firefox ESR on linux, can see QUIC in my captured wireshark packets? thx
Hi i got a question in a cisco router how to i assign myself a autonomous system number? when i get one from a internet registry.?
Can’t wait until Chris Greer is back 😀
Chris and David Bravo! Just so calm explaining with ease. Thank you so much for this video(s). VERY HELPFUL. @Chris;where can I get that T-Shirt?
Does QUIC have any packet format or does it uses UDP's one coz I remembered in UDP there is no part like destination id but needed some clarifications here
Thanks😊
If I recall right there is an inner layer of TLS in QUIC can you show us how to decrypt that one?
I have a question boss what if quick connection I'd compromise, I mean as you said quic doesn't initiate a new handshake if disconnected and resume from same
What if next time the destination is a attacker machine who knows your quic connection id and can respond with wrong data..
If my question is incorrect then also please let me know..
Thanks and lots of love to both of u
Hello Vijay - that is a great question. So... short answer. The QUIC protocol has the potential of sending data in the initial packet of the handshake with a server that it has previously connected to. However, in practice we don't yet see this in use. QUIC handshakes every time. One of the concerns to deploying this feature in the wild is the exact one you mentioned, an attacker initiating the new connection. Stay tuned as the industry and the protocol gives us more detail around how QUIC will address this concern!
great video ❤
Brilliant stuff!
Can you please provide this specific pcap file with the HTTP2?
I would like to see drawbacks of wireshark. Can it have impact on os stack?
Awesome content. Chris is an amazing guy. I would love to see a man in the middle attack. More difficult = More valuable 😍. Thank you
Thank you!
awsome video. it shall help me with configuration of wafs. only 1 statement is not totally true at this stage of the draft. the first packet of quic is essentially http 1.x or http 2 where the tcp handhake happens and the trust of the connection is build.
whould quic work without http1 or http2?
Was Waiting for this video 🙏
Hope you enjoy it!