Re: sniffing plaintext protocols

From: killy (killfactory@gmail.com)
Date: Thu Aug 17 2006 - 13:48:44 EDT


You could always simply span a port on your managed swutch and capture
the traffic with a variety of tools. It sounds like you have to right
tools already.

I agree with Cain and Able. It you want a simple proof of concept, use it.

I you want a better understanding of the fundamentals used by Cain,
you could use fragroute / dsniff / etc. and manually confiure the MITM
attack.

On 8/15/06, Tonnerre Lombard <tonnerre.lombard@sygroup.ch> wrote:
> Salut,
>
> On Sat, 2006-08-12 at 00:57 +0200, Joachim Schipper wrote:
> > > Well pgp does address another area compared to TLS or pop3s. On the
> > > other hand I agree to combine both!
> >
> > Only if you configure your MUA not to downgrade to plain SMTP when TLS
> > is not available, and so on - there isn't too much point otherwise.
>
> In fact, every MTA which is between you and your communication partner
> must be configured not to downgrade to plain SMTP. Which most of them
> just do.
>
> Tonnerre
> --
> SyGroup GmbH
> Tonnerre Lombard
>
> Loesungen mit System
> Tel:+41 61 333 80 33 Roeschenzerstrasse 9
> Fax:+41 61 383 14 67 4153 Reinach BL
> Web:www.sygroup.ch tonnerre.lombard@sygroup.ch
>
>
>

-- 
If you spend more on coffee than on IT security, you will be hacked.
What's more, you deserve to be hacked.
-- former White House cybersecurity czar Richard Clarke
------------------------------------------------------------------------
This List Sponsored by: Cenzic
Need to secure your web apps?
Cenzic Hailstorm finds vulnerabilities fast.
Click the link to buy it, try it or download Hailstorm for FREE.
http://www.cenzic.com/products_services/download_hailstorm.php
------------------------------------------------------------------------


This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:56:45 EDT