Security Basics: Re: IIS Sniffing for newb

[John LeMay <jlemay () njmc com>]

> Can someone point me to a simple explanation -- the docs I've read are a bit
> over my head.
>
> I want to sniff the traffic between my workstation and a test IIS server on
> our intranet, to make sure that supposedly secure pages are being encrypted.
> I have no experience trying this.
>
> The test server and my workstation are at my disposal, so I can install
> anything I want.
>
> Any links/tips appreciated,
http://www.ethereal.com

Install Ethereal and it's required WinPcap libraries (use the 3.0 
version, not the 2.3 version) on your workstation since you want to 
sniff between your workstation and the server. If you sniff at the 
server you will probably see traffic from other stations. If you sniff 
at your workstation, and you are on a switched segment, you should be 
able to limit the traffic to almost just your communication with the server.
--
John LeMay
Senior Technical Manager
NJMC, LLC
Technology Solutions for Business


---------------------------------------------------------------------------
Ethical Hacking at InfoSec Institute. Mention this ad and get $720 off any 
course! All of our class sizes are guaranteed to be 10 students or less. 
We provide Ethical Hacking, Advanced Ethical Hacking, Intrusion Prevention, 
and many other technical hands on courses. 
Visit us at http://www.infosecinstitute.com/securityfocus to get $720 off 
any course!  
----------------------------------------------------------------------------