Security Basics mailing list archives
Re: A Solution for sniffing
From: David <dcorking () yahoo fr>
Date: Fri, 20 Dec 2002 20:14:23 -0500
On Fri, 20 Dec 2002, Janssen, Steph wrote:
I'm afraid it only brings a small amount of safety. Also the Promiscous part is getting a bit different. Nowadays most people who sniff, sniff using tools that poison your arp-cache, in your switches. http://ettercap.sourceforge.net/ is a good
This makes the machine sniffing you the machine in the middle, and would it detect an ssh-connection, it wil "put you through" like a receptionist, that way maintaining two sessions. One with you, and one with the server you
Quote from above web page :- SSH1 support : you can sniff User and Pass, and even the data of an SSH1 connection. ettercap is the first software capable to sniff an SSH connection in FULL-DUPLEX According to mailing lists that specilize in ssh, this was due to a bug in SSH protocol v 1, that is not present in SSH protocol v 2 ettercap does not claim to sniff ssh v 2. So until a bug is found in protocol v 2, you need to * acquire an ssh tool that supports it (recent versions of sssh, OpenSSH and puTTy support it) * disable protocol v 1 in this tool (preferably in client and server.) * if your tool warns you about an unknown host key, take it seriously. Transmit and install trusted host keys by a seure channel, as the unknown host key may belong to the 'man in the middle' sniffer. Although I use protocol v 2 for this reason, I am not a penetration tester so have not proven its effectiveness myself. I think that right now I am safe from ettercap kids any way. David.
Current thread:
- RE: A Solution for sniffing, (continued)
- RE: A Solution for sniffing herakel (Dec 18)
- RE: A Solution for sniffing Bruce.Orcutt (Dec 19)
- Re: A Solution for sniffing Shanon (Dec 20)
- RE: A Solution for sniffing wbjw (Dec 19)
- RE: A Solution for sniffing Jose Avila III (Dec 20)
- RE: A Solution for sniffing Jason Kohles (Dec 20)
- RE: A Solution for sniffing Jose Avila III (Dec 20)
- RE: A Solution for sniffing Anthony, Shayla (Dec 20)
- RE: A Solution for sniffing Chris Berry (Dec 20)
- RE: A Solution for sniffing Konrad Rzeszutek (Dec 20)
- RE: A Solution for sniffing Janssen, Steph (Dec 20)
- Re: A Solution for sniffing David (Dec 23)
- RE: A Solution for sniffing Chris Berry (Dec 20)
- RE: A Solution for sniffing Hay, Brennan (Contractor) (Dec 23)
- Re: A Solution for sniffing David Verty (Dec 23)