Penetration Testing mailing list archives
Re: sniffing plaintext protocols
From: Shreyas Zare <shreyasonline () yahoo com>
Date: Mon, 31 Jul 2006 03:53:16 -0700 (PDT)
Hi,
I have read many articles about sniffing, spoofing and relaying. So far I learned that it is possible to connect a host, hostA, between two existing hosts, host1 and host2, in order to sniff e.g. plaintext protcols like telnet, pop3, and ftp.
You can sniff traffic between two or more hosts if you are on the same network. Ethereal is a very famous and FREE sniffing tool, you can get it from www.ethereal.com
1) Is this only in a local network possible or also in the Internet?
Its possible if and only if you lie on the same network. The network may be private/internet. You must be connected to the same pipe. Another ways of sniffing would be like getting remote access to a host with help of a trojan and use a sniffing code inside the trojan to capture packets in files and email it to you. You can also sniff a ethernet cable using a wire Tap if you dont have network access. Tap device would require you to have physical access to the ethernet cable, and be able to cut it, connect both the ends to it and connect the third end to your machine. All the packets/frames passing through the ethernet cable will be tapped and you will be able to sniff it using a sniffing software. If the network is wireless... no problem, just get a wi-fi card and start sniffing (you must be in the wi-fi access point range by the way)
2) I would lik to test such a scenario in my private local network in order to prove myself and my team, that this is really possible.
Yes. Use Ethereal. If you are using a Hub inside your network, you would see all the packets to/from all the hosts connected to the hub. If you are using a switch, you would see all the packets to/from your machine and broadcast packets. You can sniff packets from another machines connected to the switch with a technique known as ARP Poisoning. This method is called active sniffing.
Can anybody provide me a kind of how-to for this scenario. I run different linux machines on my local network and on hostA I have various tools installed like dsniff, hunt, fakerout, P.A.T.H, wireshark, etc.
Ethereal is also available for Linux. Just install it, run it, start sniffing on the interface you are connected to the network. Finally, you must have good know how about different protocols. If you are new, all the packets sniffed by ethereal may overwhelme you. Shreyas Zare Co-Founder, Technitium eMail: shreyas () technitium com ..::< The Technitium Team >::.. Visit us at www.technitium.com Contact us at theteam () technitium com Technitium Personal Computers We belive in quality. Visit http://pc.technitium.com for details. __________________________________________________ Do You Yahoo!? Tired of spam? Yahoo! Mail has the best spam protection around http://mail.yahoo.com ------------------------------------------------------------------------------ This List Sponsored by: Cenzic Concerned about Web Application Security? Why not go with the #1 solution - Cenzic, the only one to win the Analyst's Choice Award from eWeek. As attacks through web applications continue to rise, you need to proactively protect your applications from hackers. Cenzic has the most comprehensive solutions to meet your application security penetration testing and vulnerability management needs. You have an option to go with a managed service (Cenzic ClickToSecure) or an enterprise software (Cenzic Hailstorm). Download FREE whitepaper on how a managed service can help you: http://www.cenzic.com/news_events/wpappsec.php And, now for a limited time we can do a FREE audit for you to confirm your results from other product. Contact us at request () cenzic com for details. ------------------------------------------------------------------------------
Current thread:
- sniffing plaintext protocols itsec.info (Jul 30)
- RE sniffing plaintext protocols Francois Labreque (Jul 31)
- Re: sniffing plaintext protocols s-williams (Jul 31)
- Re: sniffing plaintext protocols Shreyas Zare (Jul 31)
- Re: sniffing plaintext protocols Dotzero (Jul 31)
- Re: sniffing plaintext protocols Lee Lawson (Jul 31)