Using Packet Sniffers
When testing web server traffic, it is sometimes extremely helpful to see the raw data packets that are exchanged between the server and the client. Inspecting individual packets is not a trivial task, but the good news is that there are free software products that do just that. We used Wireshark. Wireshark is the world's foremost network protocol analyzer. It lets you see what's happening on your network at a microscopic level. It is the de facto (and often de jure) standard across many industries and educational institutions.
Wireshark development thrives thanks to the contributions of networking experts across the globe. It is the continuation of a project that started in 1998 and it is free. You can download it here.
Explaining Wireshark in full is beyond the scope of this documentation, but in the following we want to showcase a few steps that we took.
After selecting the appropriate interface in Wireshark, you will see all packets being transmitted through the selected interface. This includes HTTPS traffic, which can be decrypted provided you have the private key in decrypted (that is, not passphrase-protected) PKCS#8 PEM format. The binary DER format cannot be used with Wireshark. This is a useful feature, but to control the packet flow and avoid unnecessary setup, we suggest you use the test port provided by HIPAAsuite RealTime Server.
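A pre-flight check for the key-format requirement stated above, as an added example that is not part of the HIPAAsuite documentation or of Wireshark: it classifies a key file as binary DER, encrypted PEM, legacy PEM, or unencrypted PKCS#8 PEM. The function names and the sample bytes are constructed for illustration.

```python
import base64
import re

PEM_RE = re.compile(
    rb"-----BEGIN ([A-Z0-9 ]+)-----\r?\n(.*?)-----END \1-----", re.S)

# Constructed sample: a PKCS#8-shaped DER skeleton, not a real key.
SAMPLE_DER = bytes.fromhex(
    "3018" "020100" "300d06092a864886f70d0101010500" "0404deadbeef")
SAMPLE_PEM = (b"-----BEGIN PRIVATE KEY-----\n" + base64.b64encode(SAMPLE_DER)
              + b"\n-----END PRIVATE KEY-----\n")


def der_kind(der: bytes) -> str:
    """Tell PKCS#8 from PKCS#1 by the first fields of the outer SEQUENCE."""
    if len(der) < 4 or der[0] != 0x30:
        return "unknown"
    # Short-form length takes 1 byte; long form takes 1 + (low 7 bits) bytes.
    i = 2 + (der[1] & 0x7F if der[1] & 0x80 else 0)
    if der[i:i + 3] != b"\x02\x01\x00":      # expect version INTEGER 0 first
        return "unknown"
    nxt = der[i + 3:i + 4]
    if nxt == b"\x30":                        # AlgorithmIdentifier -> PKCS#8
        return "pkcs8"
    if nxt == b"\x02":                        # RSA modulus INTEGER -> PKCS#1
        return "pkcs1"
    return "unknown"


def classify_key(data: bytes) -> str:
    m = PEM_RE.search(data)
    if not m:                                 # no PEM armor: try raw DER
        kind = der_kind(data)
        return "unknown" if kind == "unknown" else "der-" + kind
    label, body = m.group(1), m.group(2)
    if label == b"ENCRYPTED PRIVATE KEY" or b"Proc-Type: 4,ENCRYPTED" in body:
        return "pem-encrypted"
    if label == b"PRIVATE KEY":
        try:
            der = base64.b64decode(b"".join(body.split()), validate=True)
        except ValueError:                    # binascii.Error is a ValueError
            return "unknown"
        return "pem-pkcs8" if der_kind(der) == "pkcs8" else "unknown"
    if label.endswith(b"PRIVATE KEY"):        # e.g. "RSA PRIVATE KEY" (PKCS#1)
        return "pem-legacy"
    return "unknown"


def usable_per_page(data: bytes) -> bool:
    """True only for the form the page names: unencrypted PKCS#8 PEM."""
    return classify_key(data) == "pem-pkcs8"
```

A key that fails the check can be rewritten as unencrypted PKCS#8 PEM with `openssl pkcs8 -topk8 -nocrypt`. Keep that unencrypted copy on the analysis machine only and delete it when the capture session is done.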
Wireshark will present you with all network traffic flowing over the selected interface. Filtering by HTTP or XML will allow you to quickly locate the SOAP packets. The following example packets were captured by Wireshark while monitoring HIPAAsuite RealTime Server's traffic over the HTTP test port.
270 Eligibility Request message:

Sample 270 request as captured by Wireshark. Note the Header containing username/password authentication data and the body containing EDI transfer metadata.
271 Eligibility Response message:

Sample 271 response as captured by Wireshark. Note the body containing EDI transfer metadata.
These examples show the messaging structure and all elements contained within as they are sent to and from HIPAAsuite RealTime Server. Wireshark is a useful tool to monitor the contents of the packets being transmitted.