Need a sniffer/password capture to prove telnet is bad

Mon Nov 29 10:03:38 UTC 2004

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

> I have a user I am trying to convince to quit using telnet. I have
> told him that his password can be sniffed and that would expose his
> system. He laughs and tells me that no one can get his password. So
> he threw down the gauntlet for me to get his password. He telnets
> into his home machine from work and I want to capture that, so what
> I am looking for is something that can be run from my machine,
> listen to his here at work and capture his home password without
> knowing explicitly the address of that home machine. Any
> suggestions. I just tried to build dsniff, but it failed. It would
> be beneficial to prove this to him. Since I am not a hacker I am
> not fully aware of these sniffers and how they function. Not even
> sure what I am looking for. I assume it is possible otherwise we
> wouldn't be trying to get people to not use telnet and ftp.
> > Thanks in advance.
> --

Maybe this is a nonsense, but does not will be easier to close port
23 and force the use of ssh connection for remote work?

As the connection is to work to home, instead of home to work (remote
worker) I will not find so surprising the update of company
networking policies to close port 23.

Regards,

David

============================================
David Colomer
Methods and Processes

Atos Origin
Telco & Utilities

mailto:david.colomer at atosorigin.com
http://www.atosorigin.com
============================================

-----BEGIN PGP SIGNATURE-----
Version: PGP 7.0.4

iQA/AwUBQarz824WyYDd4LhFEQLGqACg8r7RAmBs0Oo2yugI02V4WJXCqRwAnR4q
QDYVC8e9jVimz1KgkJ2sCt5L
=Vbyc
-----END PGP SIGNATURE-----

------------------------------------------------------------------
This e-mail and the documents attached are confidential and intended solely
for the addressee; it may also be privileged. If you receive this e-mail
in error, please notify the sender immediately and destroy it.
As its integrity cannot be secured on the Internet, the Atos Origin group
liability cannot be triggered for the message content. Although the
sender endeavours to maintain a computer virus-free network, the sender does
not warrant that this transmission is virus-free and will not be liable for
any damages resulting from any virus transmitted.

Este mensaje y los ficheros adjuntos pueden contener informacion
confidencial destinada solamente a la(s) persona(s) mencionadas
anteriormente. Pueden estar protegidos por secreto profesional Si usted
recibe este correo electronico por error, gracias de informar inmediatamente
al remitente y destruir el mensaje.
Al no estar asegurada la integridad de este mensaje sobre la red, Atos
Origin no se hace responsable por su contenido. Su contenido no constituye
ningun compromiso para el grupo Atos Origin, salvo ratificacion escrita por
ambas partes.
Aunque se esfuerza al maximo por mantener su red libre de virus, el emisor
no puede garantizar nada al respecto y no sera responsable de cualesquiera
danos que puedan resultar de una transmision de virus
------------------------------------------------------------------