Wireshark-users: Re: [Wireshark-users] Sniffing Windows Update Traffic
From: "Chad Dailey" <chad@xxxxxxxxxxxxxxxxxxx>
Date: Wed, 14 May 2008 14:33:51 -0500
>From what I've been able to discern (when I put effort into it a couple years ago), most of the update related data sent is obfuscated unless you look at *where* it's going.  Like, XPProSP2 goes to this server, SP1 goes somewhere else, Office2K3 goes somewhere else, etc etc.  A picture can be made of what's installed by watching where traffic goes, so to speak.

On Wed, May 14, 2008 at 2:19 PM, David Robinson <david@xxxxxxxxxxx> wrote:
I have a user concerned with the amount of information being transferred
in the clear about that individuals machine when windows does an
automatic update.  Anyone have any info (experience, references, etc.)
regarding what info is transferred when a windows machine does an
update?  Did a bit of cursory sniffing myself, but the amount of
information is large and kind of have a short suspense on this.  Any
help would be greatly appreciated.  Thanks.
Wireshark-users mailing list