Power Steve wrote: > Anyone know if you can meaningfully sniff Exceed ( I guess it's the same as > X) traffic? Im being a bit lame, my personal test lab is down atm, and I > cant find anything on the net re sniffing and interpreting X traffic. X sends painting commands from the client to the server (the screen), and mouse and keyboard events the other way (mainly). If you can listen in on a keyboard event stream, you may certainly find passwords in there. I've seen at least one intrusion vulnerability assessment program do just that (but which one was it?) Indeed, if you can sniff a full X stream (both ways), I suspect you can come very close to 'replay' whats going on on the screen (like XWatchWin), including 'non-echoing' key presses. I'm not up-to-date about X protection mechanisms, though: I don't know if there is such a thing as encrypted X traffic. -- Anders Thulin Anders.X.Thulinat_private 040-661 50 63 Telia ProSoft AB, Carlsgatan 6, SE-201 20 Malmö, Sweden ---------------------------------------------------------------------------- This list is provided by the SecurityFocus Security Intelligence Alert (SIA) Service. For more information on SecurityFocus' SIA service which automatically alerts you to the latest security vulnerabilities please see: https://alerts.securityfocus.com/
This archive was generated by hypermail 2b30 : Mon Aug 13 2001 - 12:30:22 PDT