Hello Shawn I'm not aware of the "remote" sniffing capabilities you mention, but regarding the tap of a T1 I recall some info in www.ntrootkit.org. I've no web access here to check, but I'm pretty sure that there's some links in this page. Best regards, Miguel Dilaj "Shawn Duffy" <sduffyat_private> on 02/11/2001 23:14:48 To: <pen-testat_private> cc: Subject: How to sniff packets from afar? I have a customer that has an EAL-4 Firewall with strong CGI scripting protection on it and I was asked to look at a pen-test for him. He currently has some of his own people periodically try to break-in to keep it current with his changing environment. I was wondering if any knows of a way to sniff packets from either his VPN tunnel connections or traffic through his firewall when you cannot connect directly in between his ISP and router. I was told it is possible, but I don't see how. Also, would anyone know how to tap a T1 line from a dmark without disrupting service and without knowing the parameters? -- Shawn. ---------------------------------------------------------------------------- This list is provided by the SecurityFocus Security Intelligence Alert (SIA) Service. For more information on SecurityFocus' SIA service which automatically alerts you to the latest security vulnerabilities please see: https://alerts.securityfocus.com/
This archive was generated by hypermail 2b30 : Thu Nov 08 2001 - 14:53:31 PST