Thanks micole for this awesome tutorial. I was successful in sniffing SSL passwords but could someone tell me what's the difference between this howto and g0tmi1k's ( http://www.backtrack-linux.org/forum...-sslstrip.html ) who uses sslstrip, arpspoof and ettercap to do the same thing ? Thanks