Need a sniffer/password capture to prove telnet is bad

Edward Croft ecroft at OPENRATINGS.com
Tue Nov 23 20:11:29 UTC 2004


On Tue, 2004-11-23 at 15:05 -0500, linux r wrote:
> On Tue, 23 Nov 2004 14:47:05 -0500, Alex Evonosky <alex at alexevon.org> wrote:
> > Edward Croft wrote:
> > > I have a user I am trying to convince to quit using telnet. I have told
> > > him that his password can be sniffed and that would expose his system.
> > > He laughs and tells me that no one can get his password. So he threw
> > > down the gauntlet for me to get his password. He telnets into his home
> > > machine from work and I want to capture that, so what I am looking for
> > > is something that can be run from my machine, listen to his here at work
> > > and capture his home password without knowing explicitly the address of
> > > that home machine. Any suggestions? I just tried to build dsniff, but it
> > > failed. It would be beneficial to prove this to him. Since I am not a
> > > hacker I am not fully aware of these sniffers and how they function. Not
> > > even sure what I am looking for. I assume it is possible otherwise we
> > > wouldn't be trying to get people to not use telnet and ftp.
> > > Thanks in advance.
> > 
> > Ethereal can capture that just fine in promisc mode...
> 
> I think you are gonna have to run ethereal but on that same network. 
> If you try it or something similar, over the internet I am not sure,
> it would probably work with a known target/static ip.  I haven't
> played with ethereal except on a lan, so I am not sure if all the
> routed and routing protocols do something different with a tool like
> that whose traffic passes through a gazillion routers at the ISP
> level.  Also even with his verbal permission to try, you still might
> be in trouble with his ISP since they can probably detect sniffers and
> it is their network that he is on.  I am sure such tools exist to
> sniff over multiple LAN/WAN connections, I've just never tried it, and
> I think THAT would qualify as hacking which might get you in trouble
> as well.
> 
> On the other hand, on your own LAN is not as likely to get you in
> trouble.  Ethereal or tethereal (the text version) is good at displaying
> all the traffic that flows through a node on the network.  Instead of
> having him telnet into a box at home, have him telnet into a box while
> you are running ethereal.  That should do the trick.  Also for low
> security purposes make sure it is a Windows box.  :)
> 
> If that doesn't work post his IP address here, and some of us will
> post his password (lol just kidding of course)
> 
> 
> Marc
> 

This will be done from our internal network. I will be attempting to get
it from the source box, not from his home PC. The last thing I want is
the FBI coming knocking on my door. This is my network and I can listen
in. 
Thanks for the caveat though.

-- 
Edward M. Croft
Sr. Systems Engineer
Open Ratings, Inc.
200 West Street
Waltham, MA 02451-1121
