On 14:54 23 Nov 2004, Matthew Miller <mattdm@xxxxxxxxxx> wrote: | On Tue, Nov 23, 2004 at 02:47:05PM -0500, Alex Evonosky wrote: | > >down the gauntlet for me to get his password. He telnets into his home | > >machine from work and I want to capture that, so what I am looking for | > >is something that can be run from my machine, listen to his here at work | > >and capture his home password without knowing explicitly the address of | [...] | > Ethereal can capture that just fine in promisc mode... | | But, if it's a switched network, you'll need to actually be somewhere in the | path his packets are travelling. (Or somehow convince the switch to send all | packets your direction, which may not be trivial.) Switches only switch while all the MAC addresses fit in their MAC->port mapping table. If that fills some switches fall back to "hub" mode, and braodcast all traffic to all ports. You can force this by flooding your own port with random MACs I think, to blow out the table. -- Cameron Simpson <cs@xxxxxxxxxx> DoD#743 http://www.cskk.ezoshosting.com/cs/ Rearranged the networking in Telsa's room. This lets me get a single address space for the entire house network so that machines can move rooms without having to be reconfigured. More importantly although she has yet to realise it leaves me with sufficient free ports downstairs to later run cabling into the TV room and kitchen. - Alan Cox 12apr2001