Penetration Testing mailing list archives

Re: [PEN-TEST] snoop ona live telnet session?

From: Peter Van Epp <vanepp () SFU CA>
Date: Wed, 29 Nov 2000 17:33:57 -0800


Hi,

Quoting Mordechai Ovits (movits () OVITS NET):

Does anyone know of a tool that will allow me to snoop on a live telnet
session?  I'd like to be able to run this on a firewall to see sessions as
they pass through.  Sort of like what ethereal does with "follow TCP

I like 'hunt' for this.

What I for myself really would like to know, is what tool(s) are used for
the replaying of sessions used on the Takedown site
(http://www.takedown.com, i think) - They have a couple of ports open on
their server, and if you telnet into it you can see 'live replays' of
sessions in your terminal.
It would be useful to be able to show examples of attacks, and to replay
_real_ sessions on a moment different than when they take place.
The server/replayer thing also supports stuff like scrolling back and forth
in time, or changing the speed of the replay.


        While I don't know if this is what this site is using, tcpreplay from
www.anzen.com in research / nidsbench will replay a tcpdump data stream at
variable speeds (up to a full 100 on a fast machine).

http://www.anzen.com/research/nidsbench/

Peter Van Epp / Operations and Technical Support
Simon Fraser University, Burnaby, B.C. Canada

Current thread:

Re: [PEN-TEST] snoop ona live telnet session? Mordechai Ovits (Dec 01)
- <Possible follow-ups>
- Re: [PEN-TEST] snoop ona live telnet session? Peter Van Epp (Dec 01)
- [PEN-TEST] snoop ona live telnet session? Mike Ahern (Dec 01)
- Re: [PEN-TEST] snoop ona live telnet session? NetW3.COM Consulting (Dec 01)
- Re: [PEN-TEST] snoop ona live telnet session? Magnus Bergman (Dec 01)
- Re: [PEN-TEST] snoop ona live telnet session? Scripter * (Dec 01)