SYSK 194: “X-Ray Vision” of HTTP Traffic

Your browser knows that

http://www.microsoft.com is running IIS 6.0/.NET 2.0 as the web server

http://www.google.com ‘s web server is GWS 2.1

http://www.eweek.com is running on IIS 5.0

http://www.shopping.com uses Apache 1.3.33

http://en.wikipedia.org uses PHP 5.1.2 running on an Apache server

and so could you….

 

In fact, you could view much of the data that is not displayed in the Web browser, such as the HTTP headers that are included in the Request and Response packets.

 

Why would you want to do that?  How about troubleshooting web site problems?!!

 

There is a great tool that comes with IIS resource kit -- WFetch -- (available for download at http://www.microsoft.com/downloads/details.aspx?FamilyID=56fc92ee-a71a-4c73-b628-ade629c89499&DisplayLang=en) that allows you to:

1. Issue commands using multiple HTTP verbs -- GET, HEAD, PUT, DELETE, TRACE, POST, OPTIONS – entered either manually or read from a file.
2. Set the server (host) name
3. Configure TCP port to be used
4. Use either HTTP 1.0 or HTTP 1.1
5. Choose between multiple authentication types -- Anonymous, Basic, NTLM, Kerberos, Digest, and Negotiate
6. Use different connection types -- HTTP, HTTPS, PCT 1.0, SSL 2.0, SSL 3.0, TLS 3.1
7. Choose a proxy (or no proxy)
8. Use client-side certificates

 

Once you issue a command, you can view the results, i.e. the HTTP traffic that goes between client and server, either on the screen or log it to a file.

 

As a web developer, this is one of the tools you definitely want to have in your tool belt!