Penetration Testing mailing list archives
Re: How to sniff packets from afar?
From: Dug Song <dugsong () monkey org>
Date: Thu, 8 Nov 2001 18:25:23 -0500
On Thu, Nov 08, 2001 at 03:40:00PM -0500, ET LoWNOISE wrote:
You dont need to own the router, you can use your pc to become a routerthen spoof the routing protocols used to reroute the traffic to you and then sniffit.
besides route hijacking (oy), there's also RMON, which was designed ages ago for exactly this purpose. that is, if you're lucky enough to find an open device that supports the filter and capture groups, and can tolerate potentially lossy sniffing: http://www.csu.edu.au/special/auugwww96/proceedings/wang/wang.html perhaps Robert Graham would like to chime in here? :-) -d. --- http://www.monkey.org/~dugsong/ ---------------------------------------------------------------------------- This list is provided by the SecurityFocus Security Intelligence Alert (SIA) Service. For more information on SecurityFocus' SIA service which automatically alerts you to the latest security vulnerabilities please see: https://alerts.securityfocus.com/
Current thread:
- Re: Using Null Session information from NAT.EXE bs (Nov 01)
- <Possible follow-ups>
- Re: Using Null Session information from NAT.EXE Tom Fischer (Nov 01)
- RE: Using Null Session information from NAT.EXE Pierre Kroma (Nov 03)
- Re: Using Null Session information from NAT.EXE Windex King (Nov 01)
- How to sniff packets from afar? Shawn Duffy (Nov 05)
- Re: How to sniff packets from afar? Penetration Testing (Nov 08)
- Re: How to sniff packets from afar? ET LoWNOISE (Nov 08)
- Re: How to sniff packets from afar? Dug Song (Nov 08)
- How to sniff packets from afar? Shawn Duffy (Nov 05)