Sniffing networks
Page 1 of 3 123 LastLast
Results 1 to 10 of 22

Thread: Sniffing networks

Hybrid View

  1. #1
    Junior Member
    Join Date
    Aug 2004
    Posts
    4

    Sniffing networks

    After you use apr posioning from cain to sniff out usernames and passwords how do you decrypt the information you receive. On another note how do you figure out what encryption a website is using? Also, can someone tell me or guide me somewhere that explains certificates because when I sniff myself sites like gmail cause endless popups of invalid certificates.

  2. #2
    Gonzo District BOFH westin's Avatar
    Join Date
    Jan 2006
    Location
    SW MO
    Posts
    1,188
    when I sniff myself sites like gmail cause endless popups
    When I sniff myself, people usually give me funny looks...
    \"Those of us that had been up all night were in no mood for coffee and donuts, we wanted strong drink.\"

    -HST

  3. #3
    Super Moderator: GMT Zone nihil's Avatar
    Join Date
    Jul 2003
    Location
    United Kingdom: Bridlington
    Posts
    17,190
    Why is it I get the distinct feeling that this gentleman will be getting a visit from a black helicopter?

    If
    sites like gmail cause endless popups
    then you must be communicating with them?................. not a good idea in these circumstances I would have thought? the activity will be logged.

    On another note how do you figure out what encryption a website is using?
    Ask the administrator?

    Oh Well!
    If you cannot do someone any good: don't do them any harm....
    As long as you did this to one of these, the least of my little ones............you did it unto Me.
    What profiteth a man if he gains the entire World at the expense of his immortal soul?

  4. #4
    Senior Member
    Join Date
    Nov 2007
    Location
    Phoenix, Arizona
    Posts
    102
    Quote Originally Posted by westin
    When I sniff myself, people usually give me funny looks...
    I need to comment on this post, everytime I read this comment I can't help but laugh out loud (LOL).
    LOGIN: yes
    PASSWORD: I dont have one
    "Login Failed"

  5. #5
    Just Another Geek
    Join Date
    Jul 2002
    Location
    Rotterdam, Netherlands
    Posts
    3,403
    Quote Originally Posted by johntuan
    After you use apr posioning from cain to sniff out usernames and passwords how do you decrypt the information you receive. On another note how do you figure out what encryption a website is using? Also, can someone tell me or guide me somewhere that explains certificates because when I sniff myself sites like gmail cause endless popups of invalid certificates.
    Maybe you should learn to walk before you start running?

    http://en.wikipedia.org/wiki/Secure_Sockets_Layer
    http://en.wikipedia.org/wiki/Mitm
    Oliver's Law:
    Experience is something you don't get until just after you need it.

  6. #6
    AOs Resident Troll
    Join Date
    Nov 2003
    Posts
    3,152
    What I would like to know...is how did the OP get 3 green dots on 1 post....

    Specifically this one

    MLF
    How people treat you is their karma- how you react is yours-Wayne Dyer

  7. #7
    Junior Member
    Join Date
    Aug 2004
    Posts
    4
    so how do i decrypt the information i receive when using apr poisoning?

  8. #8
    Super Moderator: GMT Zone nihil's Avatar
    Join Date
    Jul 2003
    Location
    United Kingdom: Bridlington
    Posts
    17,190
    Errrr, try doing a bit of research? Google is your friend.

    You are at a University and one of the requirements of that, is to be able to find things out for yourself, independently, and without being spoon-fed.

    I will give you a clue: look for an application called JTR as a starter.

    Then look for "decryption tools" and see some of the others. There are loads of tutorials. Just start with one that you understand and realise that there is a learning curve here.

    See if you can get your hands on a couple of obsolete machines as "targets" and set up your own small network for experimentation. At least then you have an environment where you control the parameters.

    As I posted earlier, don't use tools like Cain & Abel on the internet until you really understand them. You should not be getting responses from external third party sites if you are just "sniffing yourself".............. you are actually drawing unwelcome attention to yourself.
    If you cannot do someone any good: don't do them any harm....
    As long as you did this to one of these, the least of my little ones............you did it unto Me.
    What profiteth a man if he gains the entire World at the expense of his immortal soul?

  9. #9
    Junior Member
    Join Date
    Aug 2004
    Posts
    4
    Quote Originally Posted by nihil
    Errrr, try doing a bit of research? Google is your friend.

    You are at a University and one of the requirements of that, is to be able to find things out for yourself, independently, and without being spoon-fed.

    I will give you a clue: look for an application called JTR as a starter.

    Then look for "decryption tools" and see some of the others. There are loads of tutorials. Just start with one that you understand and realise that there is a learning curve here.

    See if you can get your hands on a couple of obsolete machines as "targets" and set up your own small network for experimentation. At least then you have an environment where you control the parameters.

    As I posted earlier, don't use tools like Cain & Abel on the internet until you really understand them. You should not be getting responses from external third party sites if you are just "sniffing yourself".............. you are actually drawing unwelcome attention to yourself.
    Do you usually do ip lookups on every new forum member? Thanks for your help though I have tried google and yes sifting through vast information available on the internet is kind of difficult to find exactly what I need.

  10. #10
    Senior Member
    Join Date
    Oct 2007
    Location
    do a whois search on my ip...
    Posts
    268
    Quote Originally Posted by johntuan
    Do you usually do ip lookups on every new forum member? Thanks for your help though I have tried google and yes sifting through vast information available on the internet is kind of difficult to find exactly what I need.
    It makes me feel safe that someone is looking over me =)
    and I am sure it was just to help prove his point that if you want something you will have to find it yourself sorta thing...

Similar Threads

  1. Sniffing mutiple networks
    By coderecycle in forum Newbie Security Questions
    Replies: 9
    Last Post: September 25th, 2004, 12:28 AM
  2. Packet Sniffing Intro
    By tonybradley in forum Network Security Discussions
    Replies: 3
    Last Post: April 30th, 2003, 08:50 PM
  3. Newbies, list of many words definitions.
    By -DaRK-RaiDeR- in forum Newbie Security Questions
    Replies: 9
    Last Post: December 14th, 2002, 07:38 PM
  4. The Worlds Longest Thread!
    By Noble Hamlet in forum AntiOnline's General Chit Chat
    Replies: 1100
    Last Post: March 17th, 2002, 08:38 AM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

 Security News

     Patches

       Security Trends

         How-To

           Buying Guides