Re: dsniff wierdness

From: Mark Owen (mr.markowen@gmail.com)
Date: Sat Feb 18 2006 - 23:59:05 EST


On 2/17/06, Matt Glaves <matt@glaves.org> wrote:

> I have a Debian box running 2.6.15 that only logs traffic destined for
> the box.

If the filter on dsniff is set to only log traffic destined to the box
then all other packets sent through the proxy is ignored.

> There is 5Mbit of proxy traffic going through the nic and it
> doesn't see any of it. If I start pop3 on the box and telnet to it from
> a remote PC it gets logged in dsniff properly.

Telnet is destined to the box and is therefore shown on dsniff.
Or have I just completely misunderstood the scenario?

--
Mark Owen
------------------------------------------------------------------------------
Audit your website security with Acunetix Web Vulnerability Scanner: 
Hackers are concentrating their efforts on attacking applications on your 
website. Up to 75% of cyber attacks are launched on shopping carts, forms, 
login pages, dynamic content etc. Firewalls, SSL and locked-down servers are 
futile against web application hacking. Check your website for vulnerabilities 
to SQL injection, Cross site scripting and other web attacks before hackers do! 
Download Trial at:
http://www.securityfocus.com/sponsor/pen-test_050831
-------------------------------------------------------------------------------


This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:55:32 EDT