I may get dsniff, sounds about like what I want. For the curious: I'm the Linux Sys Admin here, mostly because I happen to know the most about Linux. My boss doesn't think that I need to spend as much time on security as I think I do. We've had 2 very obvious script-kiddie attempts in our logs files in only 1 month. I'm trying to prove to my boss that we MUST use ssh, not telnet (we're using telnet all day long, and I had trouble installing ssh, so I'm going to have to spend a bit of time on it.) I thought the best demonstration possible would be to have him watch me sniff a password in real time, then say "Anyone with this same app which I got from such-and-such URL can do exactly the same thing......" Ethereal is working, but I don't see how to sniff anything except this workstation's own eth0 (haven't read the docs yet though). I think I'll try dsniff. JW At 04:28 PM 10/3/2000 -0400, you wrote:
libpcap is needed by any sniffer, AFAIK. what exactly do you want to sniff? just traffic? then tcpdump will do. if you want a powerfull tcpdump-type sniffer, get snort. if you want security-type sniffing, then get dsniff, which was designed specifically for sniffing passwords. of course, you can find all this software on freshmeat.
----- Original Message ----- From: Jonathan Wilson
To: Sent: Tuesday, October 03, 2000 4:14 PM Subject: [SLE] Packet sniffer Howdy,
I'm looking for a packet sniffer. I thought etheral looked nice but it wants libs I don't have, and since I'm probably only going to use this thing once or twice I really don't want to start off on a this-rpm-needs-that-rpm-that-needs-another-rpm............ you know what I mean :-).
error: failed build dependencies: libpcap >= 0.4 is needed by ethereal-0.8.9-1 ucd-snmp-devel is needed by ethereal-0.8.9-1 zlib-devel is needed by ethereal-0.8.9-1
What have any of the rest of you done? Should I just find and install those libs, will they mess anything up? Or is there a better sniffer that I should try to get? Is there anything that works on SuSE 6.4 "straight outta the box"?
JW
-- To unsubscribe send e-mail to suse-linux-e-unsubscribe@suse.com For additional commands send e-mail to suse-linux-e-help@suse.com Also check the FAQ at http://www.suse.com/support/faq
-- To unsubscribe send e-mail to suse-linux-e-unsubscribe@suse.com For additional commands send e-mail to suse-linux-e-help@suse.com Also check the FAQ at http://www.suse.com/support/faq
-- To unsubscribe send e-mail to suse-linux-e-unsubscribe@suse.com For additional commands send e-mail to suse-linux-e-help@suse.com Also check the FAQ at http://www.suse.com/support/faq