How to sniff packets from afar?

• Previous message: Wertheimer, Ishai: "RE: Extracting NT password hashes from registry export file"
• In reply to: Windex King: "Re: Using Null Session information from NAT.EXE"
• Next in thread: Penetration Testing: "Re: How to sniff packets from afar?"
• Next in thread: bluefur0r bluefur0r: "Re: Using Null Session information from NAT.EXE"
• Reply: Penetration Testing: "Re: How to sniff packets from afar?"
• Reply: miguel.dilajat_private: "Re: How to sniff packets from afar?"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

I have a customer that has an EAL-4 Firewall with strong CGI scripting
protection on it and I was asked to look at a pen-test for him.
He currently has some of his own people periodically try to break-in to
keep it current with his changing environment.
I was wondering if any knows of a way to sniff packets from either his
VPN tunnel connections or traffic through his firewall when you cannot
connect directly in between his ISP and router.

I was told it is possible, but I don't see how.  Also, would anyone know
how to tap a T1 line from a dmark without disrupting service and without
knowing the parameters?

--
Shawn.

• application/x-pkcs7-signature attachment: smime.p7s

• Next message: Scott Seglie: "One Big Review, One Small Script?"
• Previous message: Wertheimer, Ishai: "RE: Extracting NT password hashes from registry export file"
• In reply to: Windex King: "Re: Using Null Session information from NAT.EXE"
• Next in thread: Penetration Testing: "Re: How to sniff packets from afar?"
• Next in thread: bluefur0r bluefur0r: "Re: Using Null Session information from NAT.EXE"
• Reply: Penetration Testing: "Re: How to sniff packets from afar?"
• Reply: miguel.dilajat_private: "Re: How to sniff packets from afar?"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Mon Nov 05 2001 - 09:19:36 PST