forums.meulie.net

Is this posible?

First this is not some stupid hack question. If i have some admin panel for login without encryption, and when i try to log in, can some attacker from his computer using wireshark, ettercap or any other sniffer to sniff my internet admin panel with login information?

The entire idea with SSL is that it encrypts the data being sent and received. When logging into pages without SSL (aka normal http) any data being past is exactly how it is being entered. This means that passwords and the like would be in cleartext. Using Wireshark, someone could easily look through packet captures that are unencrypted and take out passwords and user accounts that are used. Hope that clarifies things.