[OpenVPN home] [Date Prev] [Date Index] [Date Next]
[OpenVPN mailing lists] [Thread Prev] [Thread Index] [Thread Next]
Web openvpn.net

Re: [Openvpn-users] FTP session - sniffing clear text password?

  • Subject: Re: [Openvpn-users] FTP session - sniffing clear text password?
  • From: Timm Wimmers <timm@xxxxxxxxx>
  • Date: Sat, 18 Aug 2007 11:37:24 +0200

nobledark@xxxxxxxxxxxx schrieb:
> OK, well, after several hours of worrying and poring through old 
> archive threads, I finally found an old hub and hooked it into my 
> network then ran Ethereal on a separate laptop - the data is 
> encrypted. Apparently when sniffing on the local client, I am 
> seeing the data before it's encrypted and I can't see the data 
> after it's been ciphered (at least I do not know how on XP - 
> couldn't see anything over "eth0").
> Sorry for the false alarm...

The tap or tun device is a virtual interface (that means it is software,
not hardware) that takes the unencrypted data from your clients (ftp,
jabber, smb, etc.), this is the data you can catch with ethereal on
these devices and - who guess - it's unencrypted.

After then, the tap or tun device takes the data and encrypt it with
OpenSSL and sends the encrypted data over your real interface to the
other side of your tunnel. So if you want that ethereal see encrypted
data, you must tell etheral to catch data from your real interface, not
from the tap or tun device.


Openvpn-users mailing list