d17b1a52   
   From: not.my.real@email.address   
      
   On Wed, 16 Jan 2008 08:33:50 GMT, CollegeGuy wrote:   
      
   > If....in theory someone was able to get onto a router running BusyBox,   
   > and then run 'tcpdump', would it be possible to grab things like   
   > passwords which ran over the connection? Even SSL ones?   
      
   Your theoretical someone could only get the raw data, which would   
   require further (probably human) interpretation. IIRC SSL passwords are   
   encrypted, so your someone would only see *those* passwords in their   
   encrypted forms (which would require cracking, a maybe/maybe not long   
   and tedious process (depending on several factors like machine speed,   
   operator knowledge, whether or not the pwd is a dictionary word, etc)).   
      
   OTOH anything sent in plain text is up for the grabbing -- assuming that   
   your someone recognizes the plain text as even *being* passwords.   
      
   --   
   Easy, wasn't it? Don't know why they bother to pay me.   
      
   --- SoupGate-Win32 v1.05   
    * Origin: you cannot sedate... all the things you hate (1:229/2)