Re: Passwordlist in Wireshark - User feedback wanted

[Guy Harris <guy () alum mit edu>]

On Jun 16, 2019, at 9:52 AM, Jasper Bongertz <jasper () packet-foo com> wrote:

> I have seen at least three occasions where the fact that credentials were that easily accessed with a network 
> analysis tool has resulted in a ban of that exact tool by upper management. In one case this affected a freshly 
> bought license of Clearsight, which immediately after receiving the product ended up in a safe under lock and key, 
> never again to see the light of day.
>
> It may sound weird but this is one case of the typcail "what they don't know doesn't bother them". If this function 
> is added some people will suddenly realize the potential that they are currently unaware of, so it's quite possible 
> that Wireshark will be banned when it is currently fine to use it (in enterprise network that usually means admins 
> only, anyway).

Would providing this capability as a "third-party" plugin (even if the "third party" happens to be a Wireshark core 
developer) work?  *Wireshark* doesn't offer it as a built-in capability, but you can drop in a plugin to get it.
___________________________________________________________________________
Sent via:    Wireshark-dev mailing list <wireshark-dev () wireshark org>
Archives:    https://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-dev
             mailto:wireshark-dev-request () wireshark org?subject=unsubscribe