Hello Everyone, With the current discussion on "Dsniff and Arpspoof" on pen-test, just thought I will ask one or two things that I have not managed. 1. MITM: How does one launch a MITM, specifically sshmitm. I tried using webmitm and sshmitm with out success. If anyone could quickly post the required steps, would be wonderful. 2. What is the procedure for using dnsspoof? I was assuming that this might be required to get the MITM attack succesful. 3. Msgsnarf: My msgsnarf doesn't work properly. Sometimes it crashes dumping core. Also sniffing sessions which are already running, is not possible. Are there any other utils (open source/free, on Linux platform) which can do this job? Was able to use the other utilities successfully. One thing I have found is that there is no comprehensive document on using dsniff. Maybe it was delibrate on the part of the author, given how versatile this tool is.. But if anyone is seriously interested in collaborating on such a document, let us get started... Cheers, <a href=http://dhar.homelinux.com/dhar/>Sumit Dhar</a> Manager, Business Development and Products, SLMsoft.com ---------------------------------------------------------------------------- This list is provided by the SecurityFocus Security Intelligence Alert (SIA) Service. For more information on SecurityFocus' SIA service which automatically alerts you to the latest security vulnerabilities please see: https://alerts.securityfocus.com/
This archive was generated by hypermail 2b30 : Tue May 07 2002 - 09:15:51 PDT