Security Basics mailing list archives
Re: Dsniff usage
From: Ron <iago () valhallalegends com>
Date: Wed, 06 Jul 2005 08:44:07 -0500
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Dsniff will (by default) try to set the NIC to permicuous mode, and it functions like a regular sniffer. So: 1) You need an administrator account to sniff traffic and set permicuous mode 2) It can sniff any traffic that ends up at your network card. So if you're on a hub, you see everything plugged into it, and on a switch you just see your own traffic, or any traffic routed through you. It doesn't use ARP poisoning, you would have to do that yourself (with ettercap or nemesis or something). Hope that helps, - -Ron dissolved wrote:
Can DSNIFF's utilities (ie: urlsnarf) work in a LAN, regardless of the permissions you have on the target PC correct? Does it employ arp poisoning to accomplish this? Any tips for usage? I've heard it's not as stable on the win32 platform. Thanks
-----BEGIN PGP SIGNATURE----- Version: GnuPG v1.9.15 (GNU/Linux) Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org iD8DBQFCy+AnfqSf2EkP4p4RAk0dAJ9TIw3RdLy3a0cRGEmg1bhxIlJrHwCfYVZ2 T8PmZg/5qKghm0BtfoEmMJw= =lmrD -----END PGP SIGNATURE-----
Current thread:
- Re: Source port scanning w/nmap? Gonzalo Martinez (Jul 04)
- <Possible follow-ups>
- Re: Source port scanning w/nmap? matt (Jul 04)
- Re: Source port scanning w/nmap? Johannes Schneider (Jul 05)
- RE: Source port scanning w/nmap? dissolved (Jul 05)
- Re: Source port scanning w/nmap? ChayoteMu (Jul 06)
- Re: Source port scanning w/nmap? Jonathan Glass (Jul 06)
- RE: Source port scanning w/nmap? David Gillett (Jul 06)
- Dsniff usage dissolved (Jul 05)
- Re: Dsniff usage Ron (Jul 06)
- Re: Dsniff usage Geert VAN ACKER (Jul 11)
- Re: Dsniff usage Ron (Jul 13)
- Re: Dsniff usage John (Jul 11)
- RE: Source port scanning w/nmap? dissolved (Jul 05)