• RSS
  • Twitter
  • FaceBook

Security Forums

Log in

FAQ | Search | Usergroups | Profile | Register | RSS | Posting Guidelines | Recent Posts

Packet Peekers

Users browsing this topic:0 Security Fans, 0 Stealth Security Fans
Registered Security Fans: None
Post new topic   Reply to topic   Printer-friendly version    Networking/Security Forums Index -> General Security Discussion

View previous topic :: View next topic  
Author Message
Rottz
Just Arrived
Just Arrived


Joined: 29 Mar 2003
Posts: 3
Location: East Coast, USA

Offline

PostPosted: Thu Apr 24, 2003 8:06 pm    Post subject: Packet Peekers Reply with quote

Packet Peekers
BY Marcus Ranum
Packet analyzers give you a worm's-eye view of what's traversing your network
Quote:
Before installing a sniffer, make sure you get authorization. Sniffers allow you to monitor all plaintext traffic traversing the network--including people's passwords, favorite Web sites and personal communications. In some states, employees have to acknowledge in writing that their communications may be monitored. In any case, make sure you're covered legally and procedurally.

source: http://www.infosecuritymag.com/2003/apr/cooltools.shtml

Additional Links:
TCPDump
Ethereal
EtherApe
NGrep
Snort
Back to top
View user's profile Send private message Visit poster's website AIM Address Yahoo Messenger MSN Messenger
alt.don
SF Boss
SF Boss


Joined: 04 Mar 2003
Posts: 16777079


Offline

PostPosted: Thu Apr 24, 2003 8:36 pm    Post subject: Reply with quote

Yup, yup you gotta love the sniffers. Though as seen NGrep is just a network regex tool. Check out the below noted url for a packet sniffer that does not require libpcap. Nice tool for pen testing. http://www.nextgenss.com/software/ngssniff.html
Back to top
View user's profile Send private message Visit poster's website
Guest







PostPosted: Thu Apr 24, 2003 9:26 pm    Post subject: Reply with quote

How about DugSongs DSniff? Does it get easier than that? Wink On the other hand, that tool is pretty invasive in the sense that it is made for sniffing passwords etc on the wire...

If you want a laugh, go one directory up and see what DMCA brings us Wink
Back to top
delete852
Just Arrived
Just Arrived


Joined: 19 Nov 2002
Posts: 4
Location: Washington DC

Offline

PostPosted: Thu Apr 24, 2003 9:34 pm    Post subject: Reply with quote

You can use an intrustion detection system as a sniffer right. I mean I can do something liked

snort -dev > networklogs.txt

right? And it would the same thing, do sniffers offer ability to search for passwords specifically? Hmm, maybe you can make an alert that goes something like

variable="girlfriends', boyfriends, mom's, dad's email goes here"
alert tcp any any -> any any ( content: "$variable"; msg:"Password Found"Wink

And it will be in your alert file, what do you think?
Back to top
View user's profile Send private message Visit poster's website AIM Address Yahoo Messenger MSN Messenger
Rottz
Just Arrived
Just Arrived


Joined: 29 Mar 2003
Posts: 3
Location: East Coast, USA

Offline

PostPosted: Thu Apr 24, 2003 11:24 pm    Post subject: Reply with quote

delete852 wrote:
And it will be in your alert file, what do you think?

Yeh, Snort is very good for quick/custom rules to capture packets of interest. Like you can use snort to capture IRC convos to see if you spouse/girlfriend is messing with around behind your back. oh, not that I would know anything about that! Shocked
As chr0me said, dsniff is pretty good, it can pick up passwords with webspy, and the other suite of tools included.
Doug also has some good papers like
"Passwords Found on a Wireless Network", D. Song, USENIX Technical Conference WIP, its in postscript format.
Other good articles on dsniff are Network Monitoring with Dsniff and dsniff and SSH are very interesting.
Back to top
View user's profile Send private message Visit poster's website AIM Address Yahoo Messenger MSN Messenger
Display posts from previous:   

Post new topic   Reply to topic   Printer-friendly version    Networking/Security Forums Index -> General Security Discussion All times are GMT + 2 Hours
Page 1 of 1


 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum

Community Area

Log in | Register