On Tue, 23 Nov 2004 14:47:05 -0500, Alex Evonosky <alex@xxxxxxxxxxxx> wrote:
> Edward Croft wrote:
> > I have a user I am trying to convince to quit using telnet. I have told
> > him that his password can be sniffed and that would expose his system.
> > He laughs and tells me that no one can get his password. So he threw
> > down the gauntlet for me to get his password. He telnets into his home
> > machine from work and I want to capture that, so what I am looking for
> > is something that can be run from my machine, listen to his here at work
> > and capture his home password without knowing explicitly the address of
> > that home machine. Any suggestions. I just tried to build dsniff, but it
> > failed. It would be beneficial to prove this to him. Since I am not a
> > hacker I am not fully aware of these sniffers and how they function. Not
> > even sure what I am looking for. I assume it is possible otherwise we
> > wouldn't be trying to get people to not use telnet and ftp.
> > Thanks in advance.
>
> Ethereal can capture that just fine in promisc mode...

I think you are gonna have to run ethereal but on that same network. If you try it or something similar, over the internet I am not sure, it would probably work with a known target/static IP. I haven't played with ethereal except on a LAN, so I am not sure if all the routed and routing protocols do something different with a tool like that whose traffic passes through a gazillion routers at the ISP level. Also even with his verbal permission to try, you still might be in trouble with his ISP since they can probably detect sniffers and it is their network that he is on. I am sure such tools exist to sniff over multiple LAN/WAN connections, I've just never tried it, and I think THAT would qualify as hacking which might get you in trouble as well.

On the other hand, on your own LAN is not as likely to get you in trouble. Ethereal, or tethereal, the text version, is good at displaying all the traffic that flows through a node on the network. Instead of having him telnet into a box at home, have him telnet into a box while you are running ethereal. That should do the trick. Also for low security purposes make sure it is a Windows box. :)

If that doesn't work post his IP address here, and some of us will post his password (lol just kidding of course)

Marc