After you use apr posioning from cain to sniff out usernames and passwords how do you decrypt the information you receive. On another note how do you figure out what encryption a website is using? Also, can someone tell me or guide me somewhere that explains certificates because when I sniff myself sites like gmail cause endless popups of invalid certificates.