Re: [PEN-TEST] Deploying a Win32 Sniffer

From: bacano (bacanoat_private)
Date: Thu Aug 02 2001 - 05:32:40 PDT

  • Next message: lionelat_private: "RE: [PEN-TEST] Deploying a Win32 Sniffer"

    Without the need of winpcap, Sniffer Basic (NetXRay) from NAI is nice, I
    just don't know if they still provide a trial version or if you really have
    to buy it. The 'Pro' version of course is better if you consider to buy. As
    far as I can remember there is Analyzer that is free (I suppose that in
    securityfocus or packetstorm you can find it).
    
    [  ]'s bacano
    
    
    ----- Original Message -----
    From: "Tam, GS-12, NCPAC, 3371" <kntam000at_private>
    To: "'Penetration Testers'" <PEN-TESTat_private>
    Sent: Wednesday, August 01, 2001 6:42 PM
    Subject: RE: [PEN-TEST] Deploying a Win32 Sniffer
    
    
    > >>buttsniffer (http://packetstorm.securify.com/sniffers/buttsniffer)  is
    the
    > >>only one I know of that is out.  And can cause problems like crashing
    the
    > >>machine.  I have only played with it a little, so YMMV...
    > >>
    > >>Foundstone says they have one called fsniff that will work, but they
    > >>haven't released it as of yet...
    >
    > Anyone know if fsniff has yet been released (post above/below from Nov 00)
    > or any other stable release of a Win32(WinNT spceifically) sniffer that
    > doesn't require rebooting or a special packet driver?
    >
    > Mahalo in advance,
    > Karina Noelani Tam
    >
    > -----Original Message-----
    > From: MadHat [mailto:madhatat_private]
    > Sent: Wednesday, November 29, 2000 6:58 AM
    > To: PEN-TESTat_private
    > Subject: Re: [PEN-TEST] Deploying a Win32 Sniffer
    >
    >
    > At 04:36 PM 11/28/2000 -0500, you wrote:
    > >I have heard several people say that once you compromise a minor target
    > >you might want to install a packet sniffer to pickup IDs and passwords on
    > >the wire.
    > >
    > >The sniffers I have used (for example, DSniff for Win32) require a packet
    > >driver to be installed on the system and it be rebooted. Is there some
    way
    > >to sniff IDs/Passwords without that type of packet driver?
    > >
    >
    >
    >
    >
    >
    >
    >
    >
    > --------------------------------------------------------------------------
    --
    > This list is provided by the SecurityFocus Security Intelligence Alert
    (SIA)
    > Service. For more information on SecurityFocus' SIA service which
    > automatically alerts you to the latest security vulnerabilities please
    see:
    > https://alerts.securityfocus.com/
    >
    >
    
    
    ----------------------------------------------------------------------------
    This list is provided by the SecurityFocus Security Intelligence Alert (SIA)
    Service. For more information on SecurityFocus' SIA service which
    automatically alerts you to the latest security vulnerabilities please see:
    https://alerts.securityfocus.com/
    



    This archive was generated by hypermail 2b30 : Thu Aug 02 2001 - 12:35:58 PDT