This week's book giveaway is in the OCMJEA forum. We're giving away four copies of OCM Java EE 6 Enterprise Architect Exam Guide and have Paul Allen & Joseph Bambara on-line! See this thread for details.
I was reading Head first book on servlets and jsp . I can clearly understand how SSL is used for data confidential and integrity but what i was not able to understand was that how can an eavesdropper gain copy of the HTTP request of the victim?
It's possible to observe network traffic of the entire network you're on; that's actually rather easy if you're technically savvy. The "network you're on" could be 1) everybody in your office, 2) every customer of an internet cafe where you connect via Wifi, 3) everyone of your family who connects to the same Wifi base station at your home. #2 -where there may be people with nefarious intentions- is why you need to be very careful what you send via Wifi from a public hotspot - use SSL for web sites and email as much as possible.
There are no examples, because AFAIK, core Java doesn't provide an API that will help you implement packet sniffers. I think the original creators of Java wanted to stay away for allowing people to implement hacking programs in Java. You can implement a eavesdropper using languages like C++ that let you call the OS directly. There are libraries available that are implemented in C++ and can be called from JNI. It's not hard to find something that you can use to implement a packet sniffer in Java.
At the wire level, the way data is passed around on the internet is more or less very similar to how kids pass notes in class. One kid writes a note, folds it and passes it to his/her neighbor. That kid passes it to the next and so on until it reaches the destination. Kids rely on a code of honor that says that you will not peek. However, there is nothing secure about the note. Within a LAN , the communication is very similar to how people communicate in a family gatherings:- Ideally, everyone sits around the table and people take turns talking. Everyone can hear what the talker is saying. They just ignore what is being said if they are not interested.