On Fri, 2013-04-19 at 09:16 -0700, Lisa Kachold wrote:

arpspoof [arp rarp nature of tcp/ip and the linux kernel]

sslstrip [sslstrip decode packets including auth/password and url - run tool to get a list of everything victim sends out or accesses]

So you're assuming that I wouldn't request the SSL connection initially and that the site provides a non-SSL version of its contents. Neither of those scare me, but I could see where that could get some people.

PLUG Hackfests at DeVry University 2nd Saturday 10:00 - 2:00 PM - Lab/Presentation Hackfest with targets and trainers

Unfortunately a bit far for me to travel these days, or I would :-)

Ted