Re: Command line network sniffing tools on NT/W2K

[andreas junestam <andreas.junestam () defcom com>]

Hi,

winpcap (atleast the later versions) will install automatically if you
just place all the needed drivers in the same directory as the program
using it and then start it up.

/andreas

"Zwan-van-der.Erwin" wrote:
> Hi,
>
> During pen-tests I am regularly coming across situations were a remote
> command line is available on an exploited dual homed NT or W2K box. To go a
> step further I want to exploit the network behind this box as well. However
> I am missing some good tools in my toolbox. In particular I am looking for
> command line:
> - network sniffing tools (both general ones like windump and password
> sniffing ones)
> - ARP spoofing tool from a NT or W2K box to another node
> - methods to find multi homed systems fast in a large LAN/WAN environment
>
> The Foundstone tools like Fpipe and Fscan are great since they do not
> require any additional installed drivers and produce reliable results so
> far. Buttsniff+ crashes and like other tools as Dsniff needs additional
> drivers to be installed (like winpcap). Is Fsniff already out?
>
> Appreciate any help and ideas.
>
> Erwin.
>
> ----------------------------------------------------------------------------
> This list is provided by the SecurityFocus Security Intelligence Alert (SIA)
> Service. For more information on SecurityFocus' SIA service which
> automatically alerts you to the latest security vulnerabilities please see:
> https://alerts.securityfocus.com/

----------------------------------------------------------------------------
This list is provided by the SecurityFocus Security Intelligence Alert (SIA)
Service. For more information on SecurityFocus' SIA service which
automatically alerts you to the latest security vulnerabilities please see:
https://alerts.securityfocus.com/