How can I find unencrypted network connections?

No matter the password or other sensitive information, such as the bank account, important documents, and important commercial communication content with the company, it must be transmitted through secure data links. When we access an important website, we will find that the URL in the address bar is written with https ://. When you need to share folders with colleagues, you will first enable VPN to ensure that important data transmission will not be intercepted by others. Some people who are more sensitive to security issues may even manually check the security certificate after a recent intrusion into the CA.
 
However, these problems only cover a small part of our daily online activities. We initiate a large number of Internet connections every day, and the connection between the computer and remote server is not always in the HTTP mode. It is possible to send information to the remote server through the unique protocol and port. Are these connections that we cannot see safe? How can we know whether the data sent by these connections is sent in plaintext? Next, let's sort out common secure or non-secure network connections.
 
Email
 
The first and most common case is email. Different protocols are used to send emails. Some of them are secure, while others are not. First, you can use Gmail or other Web-based email websites to determine whether it is secure. Even if SSL connections are not specified for the website, you can use Firefox plug-in like Firebug or the developer console in Chrome to check whether the mail sending button is linked to the security page.
 
However, if you are using a desktop email client like Outlook, the situation is complicated. If you use the Microsoft Exchange Server in an enterprise email system, the connection should be secure if the configuration is correct. In the POP3 settings of Exchange, you only need to select Secure Logon as the login mode on the Authentication tab. Similarly, if Hotmail messages are sent and received directly through Outlook or Live Mail, the connection is encrypted.
 
If the email system you use is POP3 or IMAP from the ISP, it may not be safe enough. By default, these protocols send emails and user information in plain text, including your email account password. ISP should add the encryption function for the connection, but many ISPs do not.
 
File Transfer Protocol
 
There are many ways to transfer files over the Internet, from shared folders to Web-based file services such as DropBox. The oldest and simplest method of file transfer is to use FTP. Although FTP servers and clients support encryption through some configurations, FTP is not encrypted by default. If you have run the Microsoft FTP server, you only need to set the ftp ssl Settings in the Connections Panel of the IIS manager.
 
A typical FTP application is to upload files to a Web site. I have seen many times that someone uses a Web host with a Web login panel. They think it is safe to connect to the configuration panel, but then they use an FTP client to transmit files to the Web host, the username and password used in this process are sent in plain text.
 
Telnet
 
Currently, Telnet is not used much, but some users still use it occasionally. Many hosts provide the Telnet function, allowing you to directly connect to the server and execute commands using command lines. Telnet programs and protocols are not encrypted, but SSH can be used for encryption.
 
Telnet is not only used for hosts. If you are an IT administrator, You need to configure a router. Unless you manually configure SSH, you may use Telnet. Some routers pay more attention to security and require the Administrator to create a certificate and sign the certificate before enabling SSH. Therefore, we generally choose to use a serial line to directly connect to the router for configuration, rather than through the network.
 
Other programs
 
Each of us has many programs installed on our computers, some of which will communicate with remote servers from time to time, and some will also transmit account information. These programs may be based on Adobe AIR's Twitter client, Gmail Notifier plug-in, DropBox client, or your IM software, such as Windows Live or QQ. In short, there are many such software. So how can we know that these software sends data encrypted?
 
In fact, you do not need to go to the software vendor's website to query the FAQ for such information. Instead, you can enter the netstat command on your computer to list the current network connection status for security query. You can enter this command in the command line mode window. The connected remote IP address and port number are displayed in the third column of the returned result. Any port that uses 443 or HTTPS is a secure connection.
 
I prefer to use the data sniffer for determination. This tool can help us find out whether organic information is leaked. Specifically, I prefer Microsoft Network Monitor. You can download this product from Microsoft's website for free, but many people prefer Wireshark.
 
Of course, using these tools requires you to have certain analysis capabilities on the scanning results, but by viewing the port opened by each program and the relevant information of the remote host, you can see the data transmission situation intuitively. If you can see the plaintext information in a data connection, the connection may be an unencrypted and insecure connection. If you do not understand the transmitted data, or have been marked as a TLS or SSL connection, you can rest assured.