Home | Content | Search | Navigation | Indexes
 

Mailinglist Archive: opensuse (2269 mails)

< Previous Next >
Re: [SLE] Packet sniffer
  • From: wilson@xxxxxxxxxxx (Jonathan Wilson)
  • Date: Tue, 03 Oct 2000 16:04:10 -0500
  • Message-id: <4.3.2.7.0.20001003155503.01b288a0@xxxxxxxxxxx>



I may get dsniff, sounds about like what I want.

For the curious:
I'm the Linux Sys Admin here, mostly because I happen to know the most about Linux. My boss doesn't think that I need to spend as much time on security as I think I do. We've had 2 very obvious script-kiddie attempts in our logs files in only 1 month. I'm trying to prove to my boss that we MUST use ssh, not telnet (we're using telnet all day long, and I had trouble installing ssh, so I'm going to have to spend a bit of time on it.) I thought the best demonstration possible would be to have him watch me sniff a password in real time, then say "Anyone with this same app which I got from such-and-such URL can do exactly the same thing......"

Ethereal is working, but I don't see how to sniff anything except this workstation's own eth0 (haven't read the docs yet though).

I think I'll try dsniff.

JW

At 04:28 PM 10/3/2000 -0400, you wrote:
>libpcap is needed by any sniffer, AFAIK.
>what exactly do you want to sniff? just traffic? then tcpdump will do. if
>you want a powerfull tcpdump-type sniffer, get snort. if you want
>security-type sniffing, then get dsniff, which was designed specifically for
>sniffing passwords. of course, you can find all this software on freshmeat.
>
>
>----- Original Message -----
>From: Jonathan Wilson <wilson@xxxxxxxxxxx>
>To: <suse-linux-e@xxxxxxxx>
>Sent: Tuesday, October 03, 2000 4:14 PM
>Subject: [SLE] Packet sniffer
>
>
>> Howdy,
>>
>> I'm looking for a packet sniffer. I thought etheral looked nice but it
>wants libs I don't have, and since I'm probably only going to use this thing
>once or twice I really don't want to start off on a
>this-rpm-needs-that-rpm-that-needs-another-rpm............ you know what I
>mean :-).
>>
>> error: failed build dependencies:
>> libpcap >= 0.4 is needed by ethereal-0.8.9-1
>> ucd-snmp-devel is needed by ethereal-0.8.9-1
>> zlib-devel is needed by ethereal-0.8.9-1
>>
>> What have any of the rest of you done? Should I just find and install
>those libs, will they mess anything up? Or is there a better sniffer that I
>should try to get? Is there anything that works on SuSE 6.4 "straight outta
>the box"?
>>
>> JW
>>
>>
>> --
>> To unsubscribe send e-mail to suse-linux-e-unsubscribe@xxxxxxxx
>> For additional commands send e-mail to suse-linux-e-help@xxxxxxxx
>> Also check the FAQ at http://www.suse.com/support/faq
>>
>
>
>--
>To unsubscribe send e-mail to suse-linux-e-unsubscribe@xxxxxxxx
>For additional commands send e-mail to suse-linux-e-help@xxxxxxxx
>Also check the FAQ at http://www.suse.com/support/faq


--
To unsubscribe send e-mail to suse-linux-e-unsubscribe@xxxxxxxx
For additional commands send e-mail to suse-linux-e-help@xxxxxxxx
Also check the FAQ at http://www.suse.com/support/faq


< Previous Next >
References