Hello! I was reading thru the list and decided to give Cain & Abel a try... it is a really powerful tool, I do have a question, I was running it using the ARP poisoning from one of my test machines to my internet gateway.. (Cisco 3600 series) I logged into my On-line banking account, which is an SSL connection, and Cain & Abel picked up my username and passsword as "Clear text"... I guess I am confused about this... when I goto the site, it is an SSL site,it appears that the entire session is SSL, and Cain & Abel is not doing any sort of "Cracking" and if the software "Cain & Abel" is doing some sort of sniffing, wouldn't it be encrypted via SSL? I would like to know how this works... I have work with Apache and SSL, and am unsure how this is happening... thanks in advance. Cheers~ Pete. --------------------------------------------------------------------------- *** Wireless LAN Policies for Security & Management - NEW White Paper *** Just like wired networks, wireless LANs require network security policies that are enforced to protect WLANs from known vulnerabilities and threats. Learn to design, implement and enforce WLAN security policies to lockdown enterprise WLANs. To get your FREE white paper visit us at: http://www.securityfocus.com/AirDefense-pen-test ----------------------------------------------------------------------------
This archive was generated by hypermail 2b30 : Wed May 21 2003 - 10:44:02 PDT