Penetration Testing mailing list archives

Re: [PEN-TEST] Deploying a Win32 Sniffer

From: "Harrington, Chris" <harringtonc () CERTCO COM>
Date: Wed, 29 Nov 2000 08:04:25 -0500

Windows 2000 uses winsock 2.2 that supports raw sockect similar to the way
Unix does. A packet driver is not required. Natas is one example, found at
http://intex.ath.cx/natas.shtml

Regards,

Chris

---Original Message-----
From: Parth Galen [mailto:parth_galen () LYCOS COM]
Sent: Tuesday, November 28, 2000 4:37 PM
To: PEN-TEST () SECURITYFOCUS COM
Subject: [PEN-TEST] Deploying a Win32 Sniffer


I have heard several people say that once you compromise a minor target you
might want to install a packet sniffer to pickup IDs and passwords on the
wire.

The sniffers I have used (for example, DSniff for Win32) require a packet
driver to be installed on the system and it be rebooted. Is there some way
to sniff IDs/Passwords without that type of packet driver?

--------------------------------------------------
"There is fine line between Evaluation and Felony"
--------------------------------------------------


Get FREE Email/Voicemail with 15MB at Lycos Communications at
http://comm.lycos.com

Current thread:

[PEN-TEST] Deploying a Win32 Sniffer Parth Galen (Nov 29)
- Re: [PEN-TEST] Deploying a Win32 Sniffer MadHat (Nov 30)
- <Possible follow-ups>
- Re: [PEN-TEST] Deploying a Win32 Sniffer Harrington, Chris (Nov 30)