January 5th, 2004, 10:50 PM
I know there is a utility called AimSniff that will let you track any conversations on your local network, but isn't there one you can use that goes one step further? I have a friend I perform testing with, we are both in the same condo, but it doesn't seem that we can really sniff eachothers data without providing eachothers IP in which we shared originally. How can we go one step further or is it that networks are becoming more secure?
January 5th, 2004, 10:54 PM
I would think something like Ettercap could probably do it. Would this be a utility on a specific platform?
January 5th, 2004, 10:58 PM
We both playing around with different operating systems. We have Knoppix & PHLAK on CD-R, we have Red Hat, Slackware, and Ice Pack and Windows 2000 & XP. We enjoy learning as much as we can, but no matter how much we dwell in hacking we really can't pull information from eachother without using our already known information. The thing is we already know eachothers network, but we are secretly setting up boxes to use within the next few weeks and we want to see how much we really know.
January 5th, 2004, 10:59 PM
This is for Education and Fun. There are no malicious intent, we are both security professionals and have been to a few hands on hacking courses, but it is just so different in the real world and sometimes we feel we don't know squat.
January 6th, 2004, 12:22 AM
Well, that would be something that Ettercap would be handy for. The wargames tutorials I wrote might also be some good guidelines. What you might want to do is not tell each other what is going on the boxes and set a start date to investigate the "new machines". Don't give out IPs and figure out what each device is in your network via utilities like nmap, SARA, Retina, etc.
Originally posted here by Info Tech Geek
.. but no matter how much we dwell in hacking we really can't pull information from eachother without using our already known information. The thing is we already know eachothers network, but we are secretly setting up boxes to use within the next few weeks and we want to see how much we really know.
January 6th, 2004, 12:28 AM
So, how do I know if I am sniffing the correct network? How far can I sniff out?
January 6th, 2004, 12:31 AM
Well, ettercap is usually limited to whatever traffic is picked up by a switch or router. So, if it's a switch with a single LAN, you'll pick up all the traffic in there. However, if it was the main switch for say AT&T, you'd better have a lot of RAM and a huge pipe for it to handle the traffic flow. Sorta think of it like tcpdump but a little more intelligent and more user friendly.
The one thing I'd suggest is checking out the plug-ins included with ettercap. Some of them are quite nifty.
January 7th, 2004, 09:02 PM
It won't really teach much like MSM's reply but if you are on the same segment or can place it by a router you can download this trial...