Subject: Encrypted connections can be hijacked at the ISP?
To: None <>
From: Ram Chandar <>
List: netbsd-advocacy
Date: 12/12/2001 15:31:05
The tool at boasts the following.

Ettercap is a multipurpose sniffer/interceptor/logger for switched LAN.
It supports active and passive dissection of many protocols (even ciphered ones) and includes many feature for network and host analysis. 

SSH1 support : you can sniff User and Pass, and even the data of an SSH1 connection. ettercap is the first software capable to sniff an SSH connection in FULL-DUPLEX

HTTPS support : you can sniff http SSL secured data... and even if the connection is made through a PROXY

Does this mean that this tool (which works on NetBSD) represents a threat to our
encrypted connections such as SSH, HTTPS etc can now be hijacked easily by
people at ISP, Corporate Network etc? 

Ram Chandar.