Security Basics mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Dsniff usage

From: John <naverxp () yahoo com sg>
Date: Sat, 09 Jul 2005 00:59:50 +0800
Hi all

Pardon me for correcting your mistake.
1) Set your card to promiscuous mode. (passive-mode)
2) Dsniff comes with arp poisoning i think.

:)


Ron wrote:


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Dsniff will (by default) try to set the NIC to permicuous mode, and it
functions like a regular sniffer.

So:
1) You need an administrator account to sniff traffic and set permicuous
mode
2) It can sniff any traffic that ends up at your network card.  So if
you're on a hub, you see everything plugged into it, and on a switch you
just see your own traffic, or any traffic routed through you.  It
doesn't use ARP poisoning, you would have to do that yourself (with
ettercap or nemesis or something).

Hope that helps,
- -Ron

dissolved wrote:

Can DSNIFF's utilities (ie:  urlsnarf)  work in a LAN, regardless of the
permissions you have on the target PC correct?  Does it employ arp poisoning
to accomplish this? 
Any tips for usage?  I've heard it's not as stable on the win32 platform.
Thanks





-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.9.15 (GNU/Linux)
Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org

iD8DBQFCy+AnfqSf2EkP4p4RAk0dAJ9TIw3RdLy3a0cRGEmg1bhxIlJrHwCfYVZ2
T8PmZg/5qKghm0BtfoEmMJw=
=lmrD
-----END PGP SIGNATURE-----
Send instant messages to your online friends http://asia.messenger.yahoo.com
Previous By Date Next
Previous By Thread Next

Current thread: