Penetration Testing mailing list archives

Previous By Date Next
Previous By Thread Next

Re: [PEN-TEST] Protocol Sniffer on PPP interface

From: Greg <greg () HOOBIE NET>
Date: Tue, 10 Oct 2000 20:37:39 +0100
If you can get Netmon 2 (ships with 2000 server) installed, that will sniff
and decode PPP (inc LCP extensions etc.) quite happily.

The original Netmon did this as well but it will not work under 2000.

BTW Netmon as in Micorosft Netmon...

regards

Greg

-----Original Message-----
From: Penetration Testers [mailto:PEN-TEST () SECURITYFOCUS COM]On Behalf
Of James Mancini
Sent: 10 October 2000 16:55
To: PEN-TEST () SECURITYFOCUS COM
Subject: Re: [PEN-TEST] Protocol Sniffer on PPP interface


Sniffing PPP requires that you have a WAN interface into the laptop. Network
Associates' solution is the WANBook, a "pod" that attaches via Ethernet to
the laptop and provides the required serial interfaces. You'd also need the
appropriate "Y" cable. Sniffer Pro does have the decodes for it, it just
can't see it except across the serial interface.

I didn't think Sniffer Pro ran on W2K though?

-----Original Message-----
From: Penetration Testers [mailto:PEN-TEST () SECURITYFOCUS COM]On Behalf
Of Curphey, Mark (ISS Atlanta)
Sent: Monday, October 09, 2000 1:05 PM
To: PEN-TEST () SECURITYFOCUS COM
Subject: [PEN-TEST] Protocol Sniffer on PPP interface


Sat on the end of a dismal 56k dial-up I fired up some sniffers to look at
how a web based app works.

On my win2k laptop I usually carry "analyzer" (which is awesome), "tcp
dump", "sniffer pro" and "ethereal" (I have left my Linux laptop at home).

None of these seem to allow me to look at the traffic across the PPP
interface.

Any ideas ?
Previous By Date Next
Previous By Thread Next

Current thread: