Results 1 to 7 of 7

Thread: Sniffing

  1. #1
    Junior Member
    Join Date
    Aug 2001
    Posts
    19

    Sniffing

    Hi

    How to sniff a machine on LAN without having a physical access to it to install a trojan. Any sniffer you know which lets you sniff packets from a remote machine ?

    Thankx.

  2. #2
    Junior Member
    Join Date
    Nov 2001
    Posts
    10

    Sniffing

    Sniffing is actualy like listening to all the network traffic going through a certain point of a network. If you take a look at the osi module, and at the basic functionality of routers, switchs and hubs, you would clearly see why sniffing from a "remote" machine(assuming "remote" means across a router or switch) is not possible. however, if one was o gain access to the switch of the "sniffed" machine, one could surly view all traffic destined to and from that machine.

    usefull sniffers:

    Windows:

    netXray, SnifferPRO
    Iris

    Linux:

    etherape
    sniffit
    ethereal

  3. #3
    Old-Fogey:Addicts founder Terr's Avatar
    Join Date
    Aug 2001
    Location
    Seattle, WA
    Posts
    2,007

    Re: Sniffing

    Originally posted by pps111
    Hi

    How to sniff a machine on LAN without having a physical access to it to install a trojan. Any sniffer you know which lets you sniff packets from a remote machine ?

    Thankx.
    Well, the only way you could really do it is if that machine depended on YOU to give it it's information... (Barring ARP redirects on switched or whatever, blah blah blah.)
    [HvC]Terr: L33T Technical Proficiency

  4. #4
    AntiOnline Senior Member
    Join Date
    Oct 2001
    Posts
    514
    A bit ago, I had a nice proggie called Iris. It worked well for me.

  5. #5
    Junior Member
    Join Date
    Jul 2001
    Posts
    12

    Network analysis.

    This falls under my remit.

    It depends on how the network is set up and the information you want. As far as software agents go I don’t know what is available but I do know what information you can gather based on the Sniffers location.

    Most systems plug directly into the switch, which is a network analysis nightmare.

    The ideal place for gathering data would be a trunk link, but interception would require you to have access to a switch (for port mirroring) or taps/splitters.

    This being the case I don’t feel that an agent based Sniffer would be good for traffic interception. However it would be outstanding for intelligence gathering. It is a useful network management exercise to plug a Sniffer into a Switch just to watch the broadcast traffic. You can see who is on the network, services available (WINS etc) and so on.

    From the data gathered you can the do more in depth lookup on the nodes discovered DNS etc.

    Regards,



    Steve.

  6. #6
    Junior Member
    Join Date
    Nov 2001
    Posts
    1

    Exclamation One of the best sniffing information

    "all information can be sniffed , exist many methods to do that i thing (DNS,ROUTER,...) Spoofing can very usefull to do That , spoofing a Remote Computer on the LAN you'll could get all access,All protocols information .Trojans Normaly can be found easy by Firewall , the point is "be invisible" to give a SPY contitions on LAN a recomed you to Get {.C} scripts that do that if you couldant do that.". Have a nice Spoofing.
    pkgforger-br®

  7. #7
    This info prolly isn't gonna be used for anything positive...hehe o well

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •