On Thu, 2005-02-03 at 13:39, fly over wrote: > Hi all, > > Just wana ask about telnet security. i have heard many times that telnet is insecure and use secure shell i.e. ssh. as about telnet it is said that pasword is transfer in text format not encrypted. Could anyone please tell me how can i view someones password or data transfering using telnet ? You need to use a network sniffing tool such as ethereal or ettercap. Kismet also has a mode that will capture plain text data. Real low level you could use tcpdump but the other tools are easier to use. The biggest problem you may have is getting such a tool on a system inserted into the network so you can see such traffic. Today's switches make such sniffing more difficult, but not impossible. (ettercap seems to be particularly good at dealing with switches) Please note that experimenting on company networks with such tools is general frowned on without approval from upper management. And it is possible to detect most of these tools if the IT staff knows their stuff. Playing with it on a home LAN is fine and can be very educational. So use at your own risk. -- Scot L. Harris webid@xxxxxxxxxx Not all who own a harp are harpers. -- Marcus Terentius Varro
