Security Basics mailing list archives
RE: Dsniff usage
From: "Dieter Sarrazyn" <dsr () ascure com>
Date: Tue, 12 Jul 2005 08:34:28 +0200
Just remember that dsniff is one-way arp spoofing ... and can have funny results in windows environments ...
-----Original Message----- From: John [mailto:naverxp () yahoo com sg] Sent: vrijdag 8 juli 2005 19:00 To: Ron Cc: dissolved; security-basics () securityfocus com Subject: Re: Dsniff usage Hi all Pardon me for correcting your mistake. 1) Set your card to promiscuous mode. (passive-mode) 2) Dsniff comes with arp poisoning i think. :) Ron wrote:-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Dsniff will (by default) try to set the NIC to permicuousmode, and itfunctions like a regular sniffer. So: 1) You need an administrator account to sniff traffic and set permicuous mode 2) It can sniff any traffic that ends up at your networkcard. So ifyou're on a hub, you see everything plugged into it, and on a switch you just see your own traffic, or any traffic routed throughyou. Itdoesn't use ARP poisoning, you would have to do that yourself (with ettercap or nemesis or something). Hope that helps, - -Ron dissolved wrote:Can DSNIFF's utilities (ie: urlsnarf) work in a LAN,regardless ofthe permissions you have on the target PC correct? Does itemploy arppoisoning to accomplish this? Any tips for usage? I've heard it's not as stable on thewin32 platform.Thanks-----BEGIN PGP SIGNATURE----- Version: GnuPG v1.9.15 (GNU/Linux) Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org iD8DBQFCy+AnfqSf2EkP4p4RAk0dAJ9TIw3RdLy3a0cRGEmg1bhxIlJrHwCfYVZ2 T8PmZg/5qKghm0BtfoEmMJw= =lmrD -----END PGP SIGNATURE-----Send instant messages to your online friends http://asia.messenger.yahoo.com
Current thread:
- RE: Dsniff usage Dieter Sarrazyn (Jul 12)