Need a sniffer/password capture to prove telnet is bad
Cameron Simpson
cs at zip.com.au
Fri Nov 26 06:21:03 UTC 2004
On 14:54 23 Nov 2004, Matthew Miller <mattdm at mattdm.org> wrote:
| On Tue, Nov 23, 2004 at 02:47:05PM -0500, Alex Evonosky wrote:
| > >down the gauntlet for me to get his password. He telnets into his home
| > >machine from work and I want to capture that, so what I am looking for
| > >is something that can be run from my machine, listen to his here at work
| > >and capture his home password without knowing explicitly the address of
| [...]
| > Ethereal can capture that just fine in promisc mode...
|
| But, if it's a switched network, you'll need to actually be somewhere in the
| path his packets are travelling. (Or somehow convince the switch to send all
| packets your direction, which may not be trivial.)
Switches only switch while all the MAC addresses fit in their MAC->port
mapping table. If that fills some switches fall back to "hub" mode,
and braodcast all traffic to all ports. You can force this by flooding
your own port with random MACs I think, to blow out the table.
--
Cameron Simpson <cs at zip.com.au> DoD#743
http://www.cskk.ezoshosting.com/cs/
Rearranged the networking in Telsa's room. This lets me get a single
address space for the entire house network so that machines can move
rooms without having to be reconfigured. More importantly although she
has yet to realise it leaves me with sufficient free ports downstairs
to later run cabling into the TV room and kitchen. - Alan Cox 12apr2001
More information about the fedora-list
mailing list