But I expected that the etherXXXXA tmp file would capture
current/realtime traffic, not from the past.
This isn't a criticism of WS. I know that WS is a literal program.
On 3/24/10, Jeff Morriss <jeff.morriss.ws@xxxxxxxxx> wrote:
> M K wrote:
>> That is exactly what I am doing. I log onto my Windows machine, then
>> my ISP, then my proxy. Then maybe go to a few websites, for example.
>> Then maybe after a half hour, I may then start up a WS capture.
>> Still, even after all that time between logons and actually starting a
>> capture, the etherXXXXa tmp file still contains this private info.
>>
>> According to Jeff, the etherXXXXa file only captures what is not
>> encrypted. That makes this even more scary. That means that not only
>> is the info being captured but it isn't even being protected by even
>> low-grade encryption.
>
> Actually, the etherXXXX file captures everything, even if it is
> encrypted. But you'll only find, for example, your password in plain
> text in that file (and in Wireshark's display) if the password is not
> encrypted. (If it were encrypted, your password would not be recognizable.)
> ___________________________________________________________________________
> Sent via: Wireshark-users mailing list <wireshark-users@xxxxxxxxxxxxx>
> Archives: http://www.wireshark.org/lists/wireshark-users
> Unsubscribe: https://wireshark.org/mailman/options/wireshark-users
>
> mailto:wireshark-users-request@xxxxxxxxxxxxx?subject=unsubscribe
>
--
All that is necessary for evil to succeed is that good men do nothing.
~Edmund Burke
