Penetration Testing mailing list archives

Re: dsniff wierdness

From: "Mark Owen" <mr.markowen () gmail com>
Date: Sat, 18 Feb 2006 22:59:05 -0600

On 2/17/06, Matt Glaves <matt () glaves org> wrote:

I have a Debian box running 2.6.15 that only logs traffic destined for
the box.


If the filter on dsniff is set to only log traffic destined to the box
then all other packets sent through the proxy is ignored.

There  is 5Mbit of proxy traffic going through the nic and it
doesn't see any of it.  If I start pop3 on the box and telnet to it from
a remote PC it gets logged in dsniff properly.


Telnet is destined to the box and is therefore shown on dsniff.
Or have I just completely misunderstood the scenario?



--
Mark Owen

------------------------------------------------------------------------------
Audit your website security with Acunetix Web Vulnerability Scanner:

Hackers are concentrating their efforts on attacking applications on your
website. Up to 75% of cyber attacks are launched on shopping carts, forms,
login pages, dynamic content etc. Firewalls, SSL and locked-down servers are
futile against web application hacking. Check your website for vulnerabilities
to SQL injection, Cross site scripting and other web attacks before hackers do!
Download Trial at:

http://www.securityfocus.com/sponsor/pen-test_050831
-------------------------------------------------------------------------------

Current thread:

dsniff wierdness Matt Glaves (Feb 18)
- Re: dsniff wierdness Mark Owen (Feb 19)
- <Possible follow-ups>
- Re: dsniff wierdness stylewar (Feb 19)
  - Re: dsniff wierdness Nagareshwar Talekar (Feb 23)
    - Re: dsniff wierdness Matt Glaves (Feb 23)