Snort mailing list archives

Previous By Date Next
Previous By Thread Next

RE: password detection

From: "Crow, Owen" <Owen_Crow () bmc com>
Date: Mon, 18 Mar 2002 09:23:20 -0600
There's a tool designed for just this purpose (amongst other
even more gray-area purposes) called dsniff:
http://www.monkey.org/~dugsong/dsniff/

Good luck,
Owen Crow
Systems Programmer (Unix)
BMC Software, Inc.


-----Original Message-----
From: Mike Arrison [mailto:arrison () gnostech com]
Sent: Monday, March 18, 2002 7:43 AM
To: snort-users () lists sourceforge net
Subject: [Snort-users] password detection


Howdy,
      I know this request is going to sound really devious, 
but I assure you my
intentions are completely white-hat.
      I'd like to see how many people are using plain text 
passwords on my
network.  A few protocols that come to mind are telnet and 
pop3.  Obviously,
I want to teach them the wonder that is ssh.  I was thinking 
something like:

content:"PASS";

      Has anyone gone about this before?

     -Mike Arrison


_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users
Previous By Date Next
Previous By Thread Next

Current thread: