Security Basics mailing list archives
RE: AW: security-basics Digest 18 Jun 2003 22:09:15 -0000 Issue 618
From: "David Gillett" <gillettdavid () fhda edu>
Date: Thu, 26 Jun 2003 08:53:41 -0700
Sniffing requires collecting packets that aren't addressed to you. Under *normal* circumstances, a switched network will only deliver (a) broadcast traffic, and (b) traffic addressed to your MAC address, to your physical port. You cannot magically reach out through the switch to collect packets sent to other ports. There are several techniques for getting a switch to send traffic intended for other stations to your port, where your sniffer software can grab it. Some require management access to the switch (and are used routinely by network admins). Some require nasty tricks such as ARP poisoning. All are exceptions to the "*normal*" in the previous paragraph. David Gillett
-----Original Message----- From: David Wallraff [mailto:wall0448 () ece umn edu] Sent: June 25, 2003 08:33 To: Meidinger Christopher Cc: 'Hilal Hussein'; Security-Basics@Securityfocus. Com (E-Mail) Subject: Re: AW: security-basics Digest 18 Jun 2003 22:09:15 -0000 Issue 618 why is it harder to sniff over a switced network? i understand it's becasue of the switch (natch), but what makes it more difficult? dave On Wed, 25 Jun 2003, Meidinger Christopher wrote:Hello Hilal, Yes, there are many tools that will do that. dsniff,ettercap, ethereal andMANY others will read your password as it goes by on the wire. It is slightly more difficult on a switched network, but it canstill be done.You should not use telnet at all, use ssh (www.openssh.org)instead. Thewindows client PuTTY is the most common choice to connectover ssh fromwindows. As far as starting an ssh server on the firewall,you should beable to do that in the same way that you started the telnet server. If you need more exact help, post to the list what type offirewall you areusing, and i am certain someone will help you get started. (Disclaimer: based on your question, you should [IMHO]definately read up abit on security before configuring a firewall) badenIT GmbH System Support Chris Meidinger Tullastrasse 70 79108 Freiburg -----Ursprüngliche Nachricht----- Von: Hilal Hussein [mailto:hilalma () hotmail com] Gesendet: Tuesday, June 24, 2003 10:08 AM An: bugtraq () planetcobalt net; security-basics () securityfocus com Betreff: Re: security-basics Digest 18 Jun 2003 22:09:15-0000 Issue 618Hello All, i am not sure if i am asking the right question within thesame subject,buti am configuring the firewall throught the telnetconnecting / from winxpworkstation. Is there any possibility for any internal user to use anytools that willhaijack my telnet password - password for the firewalltoo!, and what arethe measurements for securing the telnet session. with regards, Hilal Hussein _________________________________________________________________ STOP MORE SPAM with the new MSN 8 and get 2 months FREE* http://join.msn.com/?page=features/junkmail-------------------------------------------------------------- -------------Evaluating SSL VPNs' Consider NEOTERIS, chosen as leader bytop analysts!The Gartner Group just put Neoteris in the top of its MagicQuadrant,while InStat has confirmed Neoteris as the leader in marketshare. Find out why, and see how you can get plug-n-play secureremote access inabout an hour, with no client, server changes, or ongoingmaintenance.Visit us at: http://www.neoteris.com/promos/sf-6-9.htm-------------------------------------------------------------- ---------------------------------------------------------------------------- -------------Evaluating SSL VPNs' Consider NEOTERIS, chosen as leader bytop analysts!The Gartner Group just put Neoteris in the top of its MagicQuadrant,while InStat has confirmed Neoteris as the leader in marketshare. Find out why, and see how you can get plug-n-play secureremote access inabout an hour, with no client, server changes, or ongoingmaintenance.Visit us at: http://www.neoteris.com/promos/sf-6-9.htm-------------------------------------------------------------- ---------------------------------------------------------------------------- ------------- Evaluating SSL VPNs' Consider NEOTERIS, chosen as leader by top analysts! The Gartner Group just put Neoteris in the top of its Magic Quadrant, while InStat has confirmed Neoteris as the leader in marketshare. Find out why, and see how you can get plug-n-play secure remote access in about an hour, with no client, server changes, or ongoing maintenance. Visit us at: http://www.neoteris.com/promos/sf-6-9.htm -------------------------------------------------------------- --------------
--------------------------------------------------------------------------- Evaluating SSL VPNs' Consider NEOTERIS, chosen as leader by top analysts! The Gartner Group just put Neoteris in the top of its Magic Quadrant, while InStat has confirmed Neoteris as the leader in marketshare. Find out why, and see how you can get plug-n-play secure remote access in about an hour, with no client, server changes, or ongoing maintenance. Visit us at: http://www.neoteris.com/promos/sf-6-9.htm ----------------------------------------------------------------------------
Current thread:
- AW: security-basics Digest 18 Jun 2003 22:09:15 -0000 Issue 618 Meidinger Christopher (Jun 25)
- Re: AW: security-basics Digest 18 Jun 2003 22:09:15 -0000 Issue 618 David Wallraff (Jun 26)
- RE: AW: security-basics Digest 18 Jun 2003 22:09:15 -0000 Issue 618 David Gillett (Jun 26)
- Re: AW: security-basics Digest 18 Jun 2003 22:09:15 -0000 Issue 618 Mitch Pirtle (Jun 26)
- Re: AW: security-basics Digest 18 Jun 2003 22:09:15 -0000 Issue 618 Rodney Green (Jun 27)
- <Possible follow-ups>
- Re: AW: security-basics Digest 18 Jun 2003 22:09:15 -0000 Issue 618 Justin Pryzby (Jun 26)
- Re: AW: security-basics Digest 18 Jun 2003 22:09:15 -0000 Issue 618 Mitchell Rowton (Jun 26)
- Re: AW: security-basics Digest 18 Jun 2003 22:09:15 -0000 Issue 618 Chris Berry (Jun 27)
- Re: AW: security-basics Digest 18 Jun 2003 22:09:15 -0000 Issue 618 David Wallraff (Jun 26)