[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: network sniffer



On Tue, 2004-06-08 at 10:41, Chadley Wilson wrote:

> I have banned the use of rlogin and telnet and the other insecure tools
> and need to be able to catch employees using them.
> As we have had a few crakers on our network previously.
> 
> My training instructor showed me a tool that ran in terminal with a blue
> background that actually listed all active connections on the network
> (intranet in my case) he selected one and showed us how the text was
> transferred unencrypted, but I can for the life of me remeber what it is
> called.
> Any ideas.

Not sure of that particular application.  But you can use ethereal to
filter for telnet and rlogin connections only (keeps the amount of data
to reasonable level).  

You will still need to setup your switch to mirror the ports you want to
monitor to the interface of the system running ethereal or tcpdump or
snort or any of a number of sniffer packages that are available.

-- 
Scot L. Harris
webid cfl rr com

It's not reality or how you perceive things that's important -- it's
what you're taking for it... 



[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]