Encrypted Files: Files converted, using algorithms and other processes, into data that cannot be easily understood by unauthorized people.
SSL (HTTPS): Acronym for Secure Sockets Layer, a nationally adopted standard security technology used to encrypt online traffic.
There are 3 categories of packet sniffing; this post focuses on
type 2: Black Hat / encrypted data. If you haven’t already read my
post on type 1 packet sniffing, I recommend you do so now.
Difference between Type 1 and Type 2
There are 2 main differences. The first is the procedure, which has a
couple of extra steps involved. The second is the use: type 1 was
mostly for non-malicious purposes, and type 2 is quite the opposite. The
extra steps to decrypt the packets require OpenSSL to be installed on
your computer. While this method is not the only way to decrypt SSL, I
feel it’s the easiest way.
Why OpenSSL
OpenSSL is required on the system to decrypt packets using the
algorithmic method, while no software other than your packet
analyzer (i.e. Wireshark) is required for the brute force method.
The algorithmic method is what I consider the best method: it requires
you to have enough packets from a single source to decrypt, but once you
have enough packets the process is fast. The brute force method is what I
consider the last resort when it comes to SSL. These days, with such high
encryption, brute forcing SSL without extremely powerful servers would
take years for one key.
Should I Worry About Type 2?
Yes and no. Type 2 packet sniffing is only a danger on public
networks or a network that has been compromised; so long as you stay off
these, you are safe. This is why you should not do Internet banking or any
other Internet activity that has to do with sensitive data on public
networks. If you must use public networks, you can protect yourself by
VPN tunneling. I also mentioned that other compromised networks are unsafe,
and I’ll talk about how easy it is for someone to hack into your network in
another post.