Sniffing packets on the wire

Discussion in 'Security Software' started by Ripul, Jun 5, 2004.

  1. Ripul

    Ripul Guest

    How do you remotely sniff packets on a server to find out what activity is going on that machine

    I know you can sniff through packet analyzers like ethereal but how do sniff just about any traffic going over the wire on a particular machine or server

    I am new to packet sniffers and network protocol analyzer

    Any help would be appreciated

    Ripul
     
    Ripul, Jun 5, 2004
    #1
    1. Advertisements

  2. Ripul

    Robert Moir Guest

    If "Remotely" means without touching the server at all, I'd log into the
    switch it was connected to, get it to echo the port the server is using to
    an un-used port, then plug my sniffer into the un-used port. Job done.
     
    Robert Moir, Jun 6, 2004
    #2
    1. Advertisements

  3. Ripul

    S. Pidgorny Guest

    Just to add to that: some time ago Cisco had a vulnerability in the Web
    management interface of their switches, allowing to configure the switch
    without proper authorisation. I observe switches that have this problem
    still in wide use. That vulnerability allows anybody physically connected to
    the same switch, sniff traffic to any/all of the systems, then use software
    packages like Cain and Abel to extract all sorts of logon credentials.
     
    S. Pidgorny, Jun 6, 2004
    #3
  4. Ripul

    Robert Moir Guest

    Thats pretty bad....
     
    Robert Moir, Jun 6, 2004
    #4
  5. Read the FAQs at the following sites.

    www.ethereal.com
    www.robertgraham.com [the IDS faq]


    sniff just about any traffic going over the wire on a particular machine or
    server.
     
    Karl Levinson [x y] mvp, Jun 6, 2004
    #5
    1. Advertisements

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments (here). After that, you can post your question and our members will help you out.