Penetration Testing mailing list archives

Re: Sniffing on a switch

From: "Goran Sevic" <goranlegion () ftml net>
Date: Sat, 29 Oct 2005 02:09:21 -0700

Hi,

sniffing on the switch is perfromed by connecting the sniffee to the
management port. ALternativley ports can be spanned. Spanned ports have
the property of being able to see all data traffic traversing the
switch, thus helping the sniffer.

regs,
GoRaN
On Thu, 27 Oct 2005 19:55:04 -0700, "Andy Meyers"
<andy.meyers () hushmail com> said:

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Now i know people say you "cant" sniff on a switch and I know about ARP
poisoning and MAC flooding. But there has to be another way. I have heard
too many stories about "he sniffed my AIM conversation on a Cisco switch"
(an example is in the most recent version of 2600). Does anyone know of
any
technique how to do this? Can you ARP poison a switch?

Ashes
-----BEGIN PGP SIGNATURE-----
Note: This signature can be verified at https://www.hushtools.com/verify/
Version: Hush 2.4
Charset: UTF8

wkYEARECAAYFAkNhkwYACgkQnZu7yPmLRpArTQCgp2JsbOSySZJ7XFvgy1sY4GcGntYA
oIwtV7CLTBjr5j2yW0v1In/Jm7Yv
=rigp
-----END PGP SIGNATURE-----


------------------------------------------------------------------------------
Audit your website security with Acunetix Web Vulnerability Scanner: 

Hackers are concentrating their efforts on attacking applications on your 
website. Up to 75% of cyber attacks are launched on shopping carts,
forms, 
login pages, dynamic content etc. Firewalls, SSL and locked-down servers
are 
futile against web application hacking. Check your website for
vulnerabilities 
to SQL injection, Cross site scripting and other web attacks before
hackers do! 
Download Trial at:

http://www.securityfocus.com/sponsor/pen-test_050831
-------------------------------------------------------------------------------

-- 
  Goran Sevic
  goranlegion () ftml net

-- 
http://www.fastmail.fm - The professional email service


------------------------------------------------------------------------------
Audit your website security with Acunetix Web Vulnerability Scanner: 

Hackers are concentrating their efforts on attacking applications on your 
website. Up to 75% of cyber attacks are launched on shopping carts, forms, 
login pages, dynamic content etc. Firewalls, SSL and locked-down servers are 
futile against web application hacking. Check your website for vulnerabilities 
to SQL injection, Cross site scripting and other web attacks before hackers do! 
Download Trial at:

http://www.securityfocus.com/sponsor/pen-test_050831
-------------------------------------------------------------------------------

Current thread:

Sniffing on a switch Andy Meyers (Oct 28)
- Re: Sniffing on a switch mike jablonski (Oct 29)
- Re: Sniffing on a switch Marlen Caemmerer (Oct 29)
- Re: Sniffing on a switch Goran Sevic (Oct 29)
- Re: Sniffing on a switch Volker Tanger (Oct 29)
  - Re: Sniffing on a switch Cedric Blancher (Oct 31)
  - Re: Sniffing on a switch jgervacio (Oct 31)
- Re: Sniffing on a switch Chris Mills (Oct 29)
- Re: Sniffing on a switch Stephen J. Smoogen (Oct 29)
- Re: Sniffing on a switch Dave Bush (Oct 29)
- Re: Sniffing on a switch ilaiy (Oct 29)
- Re: Sniffing on a switch Mikael Kuisma (Oct 31)
- <Possible follow-ups>
- RE: Sniffing on a switch Smith, Michael J. (Oct 29)
- RE: Sniffing on a switch Evans, Arian (Oct 31)

(Thread continues...)