http://www.Linux-Sec.net Hardening-Tightening Security_Policy Hardening-HOWTO Linux Distros Distro Patches Kernel-Patches Dedicated Servers Firewalls DNS Servers Mail Servers Web Servers Turn-Off Daemons Tighten Inetd Services Top-10 Vulnerabilities Top-7 Security Mistakes Top-10 Vulnerabilities Top-20 Most Critical Vulnerability Top-10 Virus Scans/Attacks Stats Top-10 Attacks Hacked Servers One Minute Audits OpenPorts Audit AntiVirus - AntiSpam Anti-Spam Anti-Virus spam.wav Wireless [In]Security Sniffers Security Tools SSH_SSL Firewalls MailServer FileSystem VPN Port Scan Detectors IDS Tools LogFile Analysis Ethernet Monitoring Server Monitoring Tracking & Forensics Hackers Tools Audit Tools Port Scanners Hacking Tools DDOS Tools Sniffer Tools Spoof Tools Exploits & Vulnerbilities Wireless Wireless [In]Security Misc Statistics Linux/BSD Distros Links,Articles,WatchDogs Security Mailing Lists/FAQs Liability Insurance 1U Rackmount Chassis Custom-Chassis.com Linux-1U.net 1U-ITX.net ITX-Blades.net Small PC cases Mini-Box.net Wrap-Box.net Wrap-OS.net Wan-Sim.net Linux-Consulting.com Linux-CAE.net Linux-Sec.net Linux-Boot.net Linux-Backup.net Linux-Wireless.org Linux-Office.net Linux-Video.net Linux-VOIP.net Linux-Jobs.net Linux-Diff.net 1U-Raid5.net Linux-Howto.net Spam Reporting Free Linux CDs ISO9660.org Distro-CD.org Patch-CD.org Contact Linux is a registered trademark of Linus Torvalds More Linux Legalese

Sniffing Tools Sniffer Scripts Linux-Sec.net/Sniffer/Scripts Sniffer.pl scripts Sniffer FAQs RobertGraham.com Sniffing FAQ ( original, circa 2000 ) SecInf.net Sniffer FAQ FlowCalcs.com Sniffer FAQ IreonGeek.com ISS.net Sniffer FAQ ( original, circa 1996 ) -- nowhere to be found MoreHouse.org Sniffer FAQ ( v3 ) FAQs.org Sniffer FAQ ( v3 ) Cotse.com ( ISS ) Sniffer Security FAQ The Following is susceptible to sniffing ( its passwd is clear text ) telnet, pop3, imap, ftp, snmp, nntp Using Secure pop3 and Secure IMAP will (?) prevent the the sniffer from seeing your login and passwd will NOT prevent the the sniffer from reading your email in clear text when it travels around the world and comes into or leaves your mail server More importantly, ALL unencrypted data is sniffable ( human readable ) send and receive only encrypted data for a trivial solution against sniffing Using easy to guess login and passwd mitgates any encryption it takes a few seconds or minutes to guess your passwd in the "100,000 word dictionary" How do you know if someone is sniffing all your data your competitors will sniff the incoming email to your mail servers They can sniff ALL of your data, login, passwd and all emails they can sniff ALL your data from all the routers you passed thru they can sniff ALL your data from your ISP they can sniff ALL your data from your colo they can sniff ALL your data from your local network they can sniff ALL your data from your wireless network they can sniff ALL your data from your vpn connections at home they can sniff ALL your data from the airport, coffee shops, etc they can sniff ALL your data from outside your office or home Sniffer Detectors Linux-Sec.net/Sniffer.Detectors Wireless Sniffers Linux-Wireless.org/Sniffers Sniffing Across Switches Mac Address Spoofing IronGeek.com ( local copy ) ARP Poisoning AssamRifls.com IronGeek.com IronGeek.com video PacketStormSecurity.com sid.rstack.org ( local copy ) sid.rstack.org article sid.rstack.org ( local copy ) sid.rstack.org ( local copy ) habets.pp.se arping arpPoison arpRedirect hotlink.com.br arptool arpWrap monkey.org dsniff EtterCap.SourceForge.net man-in-the-middle-attack hunt Network Sniffers Washington.edu Sniffers and You Fefe.de Switching and VLAN Security FAQ neworder.box.sk CA.com CDit.edu huge list DSINet huge list Technotronic huge list HackersClub huge list SecurityFocus huge list under Tools->Sniffers hut.fi Sniffers COTSE.com Sniffers SecurityPortal.com Sniffers MyCert.Mimos.my Sniffers LinuxSecurity.com Network Security/Sniffers DigiLander.iol.it IDS List PacketStormSecurity.org Sniffers PacketStormSecurity.org network-scanners BlackSheepNetworks.com network scanners DSINet.org network scanners AstalaVista.com Vilecha.com Sans.org Penetration Testing w/ dsniff WWits.net Sniffers PacketStormSecurity.com Sniffers Securify.com Sniffers Securify.com Sniffing FAQ Oxid.it FreeFire.org Uni-Rostock.de tcp tools fefe.de arprelay fsid.cut.cz HUNT Starzetz.de smit Coast CPM - Check Promiscuous Mode Naughty.Monkey.org DSniff DataNerds.net dsniff for windoze EtherReal.com EtherReal.Zing.org GNUSniff SourceForge.net IPGrab SecurityFocus.com K-Arp-Ski sniffer NFR.com Network Flight Recorder PacketFactory.net ngrep - network grep morphine.com passlogd Phencelit.de phoss - sniff HTTP, FTP, LDAP, Telnet, IMAP4, POP3, VPN logins Reptile.rug.ac.be SniffIt SniffIT FAQ Snoop TCPSpy Keyboard Sniffers - Loggers if they installed a keyboard logger, you're dead ... gameover .. encryption will NOT help either since they can see your passphrase if they installed the keyboardlogger remotely, you have other very serious securityproblems if they have physical access, game over... just pull the plug and walk out with the PC or laptop with important data on it thc.org vLogger ( keyboard logger/sniffer ) teso.scen.at iob - kb sniffer citefa.gov.ar tecleo PacketStormSecurity.org keylogger honeynet.org sebek SourceForge.net lkl VNC

Copyright © 2000	Linux-Consulting	All Rights Reserved.	Updated: Mon Nov 7 18:30:27 2005 PDT