> -----Original Message-----
> From: Mike Maravillo [mailto:[EMAIL PROTECTED]]
> Sent: Saturday, June 30, 2001 12:01 PM
> To: [EMAIL PROTECTED]
> Subject: Re: [plug] Allowing root to Telnet
>
>
> On Sat, Jun 30, 2001 at 05:39:36PM +0800, fooler wrote:
> > From: "Orlando Andico" <[EMAIL PROTECTED]>
> > Sent: Sunday, June 24, 2001 10:35 AM
> > > it's certainly possible. if you're not on a switched/VLAN
> network, and
> > > you're sharing the network with some windoze lusers who
> get trojanized,
> > > then yes they can sniff your password.
> >
> > just to remind you guys even you are in switched or vlan
> network, you can
> > still listen. the most important thing is all your data is
> in encrypted
> > form.
>
> But can it listen to data not destined or not coming from itself?
>
> I presume everyone on this list would appreciate and benefit from
> any info to support this claim...
Hi Mike,
How are you now?
It's still possible to listen even on a switched network. This is what you
call arp spoofing.
You can actually configure a port on the switch and set it as a monitoring
port or a diagnostic port.
Pero, if you're not the switch admin, and you still want to sniff packets,
then you can make use
of dsniff, http://www.monkey.org/~dugsong. I have actually hijack a telnet
session on the switch.
When I first learned the tool, I was really amazed. It's actually another
tool.
hth
-onie
_
Philippine Linux Users Group. Web site and archives at http://plug.linux.org.ph
To leave: send "unsubscribe" in the body to [EMAIL PROTECTED]
To subscribe to the Linux Newbies' List: send "subscribe" in the body to
[EMAIL PROTECTED]
