Security Basics mailing list archives
Re: Application backdoor suspect
From: <nick84 () rootsecure net>
Date: 16 Dec 2002 16:49:27 -0000
In-Reply-To: <002601c2a2df$70727070$9801a8c0 () mail sargam com> RE: http://online.securityfocus.com/archive/105/303359 Well to see what information any application is sending over the wire (assuming its not encrypted) you need a packet sniffer. This sniffer FAQ has a number listed, http://216.239.37.100/search? q=cache:2497UGNKBkoC:www.robertgraham.com/pubs/sniffing- faq.html+&hl=en&ie=UTF-8#software-windows I would recommend ettercap available from http://ettercap.sourceforge.net in Windows / *nix varieties. It also comes pre-installed on the knoppix bootable cd http://www.knopper.net/knoppix/index-en.html - just put the cd in a spare machine, select the machines you want to sniff communications between (ie client computer and internet gateway/router) and click a connection to see the traffic. ______________________________ http://www.rootsecure.net/
Current thread:
- Application backdoor suspect skp (Dec 13)
- Re: Application backdoor suspect Catfish (Dec 16)
- Re: Application backdoor suspect Gene (Dec 17)
- <Possible follow-ups>
- RE: Application backdoor suspect Tony Fondo (Dec 17)
- Re: Application backdoor suspect nick84 (Dec 17)
- Re: Application backdoor suspect H C (Dec 18)