On Mon, 05 Jan 2009 12:47:20 PST, Tim said: > How is that better, really? Run tcpdump or ettercap... Either of the > tools are off the shelf. And if the site is using a self-signed cert, how does a 3rd party tcpdump manage to get a *decrypted* datastream? Yes, you can still do traffic analysis on the "X talked to Y with packet sizes A, B, and C" level, but you can't look at the data.
Attachment:
pgpCw_tJcKR3s.pgp
Description: PGP signature
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/