Penetration Testing mailing list archives

Re: Sniffing on a switch

From: mike jablonski <mkj () swissmail org>
Date: Fri, 28 Oct 2005 23:18:45 -0600

hahaha  YES you can!!  ;)

http://ettercap.sourceforge.net/

This is a great sniffing tool.  If you don't have admin rights to setup
mirroring on the switch; use ettercap.  

Have fun!
-- 
jabber
"paranoid by default"


Quoting Andy Meyers <andy.meyers () hushmail com>:

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Now i know people say you "cant" sniff on a switch and I know about ARP
poisoning and MAC flooding. But there has to be another way. I have heard
too many stories about "he sniffed my AIM conversation on a Cisco switch"
(an example is in the most recent version of 2600). Does anyone know of any
technique how to do this? Can you ARP poison a switch?

Ashes
-----BEGIN PGP SIGNATURE-----
Note: This signature can be verified at https://www.hushtools.com/verify/
Version: Hush 2.4
Charset: UTF8

wkYEARECAAYFAkNhkwYACgkQnZu7yPmLRpArTQCgp2JsbOSySZJ7XFvgy1sY4GcGntYA
oIwtV7CLTBjr5j2yW0v1In/Jm7Yv
=rigp
-----END PGP SIGNATURE-----


------------------------------------------------------------------------------
Audit your website security with Acunetix Web Vulnerability Scanner: 

Hackers are concentrating their efforts on attacking applications on your 
website. Up to 75% of cyber attacks are launched on shopping carts, forms, 
login pages, dynamic content etc. Firewalls, SSL and locked-down servers are

futile against web application hacking. Check your website for
vulnerabilities 
to SQL injection, Cross site scripting and other web attacks before hackers
do! 
Download Trial at:

http://www.securityfocus.com/sponsor/pen-test_050831
-------------------------------------------------------------------------------



------------------------------------------------------------------------------
Audit your website security with Acunetix Web Vulnerability Scanner: 

Hackers are concentrating their efforts on attacking applications on your 
website. Up to 75% of cyber attacks are launched on shopping carts, forms, 
login pages, dynamic content etc. Firewalls, SSL and locked-down servers are 
futile against web application hacking. Check your website for vulnerabilities 
to SQL injection, Cross site scripting and other web attacks before hackers do! 
Download Trial at:

http://www.securityfocus.com/sponsor/pen-test_050831
-------------------------------------------------------------------------------

Current thread:

Sniffing on a switch Andy Meyers (Oct 28)
- Re: Sniffing on a switch mike jablonski (Oct 29)
- Re: Sniffing on a switch Marlen Caemmerer (Oct 29)
- Re: Sniffing on a switch Goran Sevic (Oct 29)
- Re: Sniffing on a switch Volker Tanger (Oct 29)
  - Re: Sniffing on a switch Cedric Blancher (Oct 31)
  - Re: Sniffing on a switch jgervacio (Oct 31)
- Re: Sniffing on a switch Chris Mills (Oct 29)
- Re: Sniffing on a switch Stephen J. Smoogen (Oct 29)
- Re: Sniffing on a switch Dave Bush (Oct 29)
- Re: Sniffing on a switch ilaiy (Oct 29)
- Re: Sniffing on a switch Mikael Kuisma (Oct 31)

(Thread continues...)