From: Sumit Dhar (dhar@dexponet.com)
Date: Tue May 07 2002 - 10:10:22 EDT
Hello Everyone,
With the current discussion on "Dsniff and Arpspoof" on pen-test, just
thought I will ask one or two things that I have not managed.
1. MITM: How does one launch a MITM, specifically sshmitm. I tried using
webmitm and sshmitm with out success. If anyone could quickly post the
required steps, would be wonderful.
2. What is the procedure for using dnsspoof? I was assuming that this
might be required to get the MITM attack succesful.
3. Msgsnarf: My msgsnarf doesn't work properly. Sometimes it crashes
dumping core. Also sniffing sessions which are already running, is not
possible. Are there any other utils (open source/free, on Linux
platform) which can do this job?
Was able to use the other utilities successfully. One thing I have found
is that there is no comprehensive document on using dsniff. Maybe it was
delibrate on the part of the author, given how versatile this tool is..
But if anyone is seriously interested in collaborating on such a
document, let us get started...
Cheers,
<a href=http://dhar.homelinux.com/dhar/>Sumit Dhar</a>
Manager, Business Development and Products,
SLMsoft.com
----------------------------------------------------------------------------
This list is provided by the SecurityFocus Security Intelligence Alert (SIA)
Service. For more information on SecurityFocus' SIA service which
automatically alerts you to the latest security vulnerabilities please see:
https://alerts.securityfocus.com/
This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:53:20 EDT