Need a sniffer/password capture to prove telnet is bad
Frank Pineau
frank at pineaus.com
Tue Nov 23 22:44:42 UTC 2004
On Tue, 23 Nov 2004 15:47:32 -0500, you wrote:
>Another tool you can try is ettercap. It has a very nice arp poison
>mode that can let you sniff all packets going through most switches
>without having to mirror ports. While running ettercap if it sees a
>telnet protocol it will grab the user id and password and dump it in a
>window for you. You can also log the results.
>
>
>The easy method though is to mirror his port and use ethereal.
I don't normally recommend arp poisoning, especially for a neophyte, because
it's so easy to do it wrong and hose your network.
More information about the users
mailing list