Telnet issue
Scot L. Harris
webid at cfl.rr.com
Thu Feb 3 19:52:54 UTC 2005
On Thu, 2005-02-03 at 13:39, fly over wrote:
> Hi all,
>
> Just wana ask about telnet security. i have heard many times that telnet is insecure and use secure shell i.e. ssh. as about telnet it is said that pasword is transfer in text format not encrypted. Could anyone please tell me how can i view someones password or data transfering using telnet ?
You need to use a network sniffing tool such as ethereal or ettercap.
Kismet also has a mode that will capture plain text data.
Real low level you could use tcpdump but the other tools are easier to
use.
The biggest problem you may have is getting such a tool on a system
inserted into the network so you can see such traffic. Today's switches
make such sniffing more difficult, but not impossible. (ettercap seems
to be particularly good at dealing with switches)
Please note that experimenting on company networks with such tools is
general frowned on without approval from upper management. And it is
possible to detect most of these tools if the IT staff knows their
stuff.
Playing with it on a home LAN is fine and can be very educational.
So use at your own risk.
--
Scot L. Harris
webid at cfl.rr.com
Not all who own a harp are harpers.
-- Marcus Terentius Varro
More information about the fedora-list
mailing list