Saturday, May 5, 2012

Password Hacking through Sniffing




What is Sniffing?
Sniffing is another technique to use internally. A sniffer or packet capture utility is able to
capture any traffic travelling along the network segment to which it is connected. We
normally set up sniffers throughout the organization to capture network traffic, hoping to
identify valuable information such as user IDs and passwords. We use sniffing to
passively capture data being sent across the internal network. Laptops are usually the
ideal platform since they are portable and easy to conceal. The system does not even need
an IP address since it passively captures the traffic. The sniffing machine copies the data
without modifying its contents and is difficult to detect even with sophisticated intrusion
detection software. There are programs, such as AntiSniff, that have some success in
detecting sniffers.
Switched Ethernet environments reduce the risk of packet capture. Since the sniffer is
able to capture traffic only on its same network segment, a sniffer in a switched
environment can see only traffic destined for it. However, in a shared environment or
mixed environment, sniffers can be very useful for capturing valuable traffic. In addition,
dsniff, written by Dug Song, is able to sniff across switches. The techniques dsniff uses to
sniff on switched segments can cause denial-of-service conditions and therefore should
be used cautiously during penetration testing.

Top 4 Sniffers:
Ethreal
dsniff
Ettercap NG 0.7.1
Hunt 1.5

0 comments:

Post a Comment