RE: [PEN-TEST] Deploying a Win32 Sniffer

From: Tam, GS-12, NCPAC, 3371 (kntam000at_private)
Date: Wed Aug 01 2001 - 10:42:30 PDT

  • Next message: Stephen Murphy: "RE: LDAP directory"

    >>buttsniffer (  is the
    >>only one I know of that is out.  And can cause problems like crashing the
    >>machine.  I have only played with it a little, so YMMV...
    >>Foundstone says they have one called fsniff that will work, but they
    >>haven't released it as of yet...
    Anyone know if fsniff has yet been released (post above/below from Nov 00)
    or any other stable release of a Win32(WinNT spceifically) sniffer that
    doesn't require rebooting or a special packet driver?
    Mahalo in advance,
    Karina Noelani Tam
    -----Original Message-----
    From: MadHat [mailto:madhatat_private]
    Sent: Wednesday, November 29, 2000 6:58 AM
    To: PEN-TESTat_private
    Subject: Re: [PEN-TEST] Deploying a Win32 Sniffer
    At 04:36 PM 11/28/2000 -0500, you wrote:
    >I have heard several people say that once you compromise a minor target
    >you might want to install a packet sniffer to pickup IDs and passwords on
    >the wire.
    >The sniffers I have used (for example, DSniff for Win32) require a packet
    >driver to be installed on the system and it be rebooted. Is there some way
    >to sniff IDs/Passwords without that type of packet driver?
    This list is provided by the SecurityFocus Security Intelligence Alert (SIA)
    Service. For more information on SecurityFocus' SIA service which
    automatically alerts you to the latest security vulnerabilities please see:

    This archive was generated by hypermail 2b30 : Wed Aug 01 2001 - 21:20:30 PDT