Ethereal-users: Re: [Ethereal-users] Query
Note: This archive is from the project's previous web site, ethereal.com. This list is no longer active.
Babur Khan wrote:
i have made a driver which encrypts/decrypts incoming/outgoing ip packets, i
used windows NDIS to build the driver and have implemented IPsec with SHA1
for authentication and AES for encyrption/decryption.The driver is working at
the Data Link Layer.The Problem is that when i tried to capture packets with
Ethereal 0.10.11 with WinPcap 3.0 (sent meaages several times like 'net send
computer2 what is your name?') i been to able to seen the data field as plain
text.
If the packets you're capturing are being sent by or received by the
machine running Ethereal, then the problem is probably that WinPcap
connects to the network interface at a layer that lets it see outgoing
packets before they're encrypted and see incoming packets after they're
decrypted. I'm not an expert in NDIS; you might want to ask the WinPcap
developers about this.