Nmap Security Scanner
*Intro
*Ref Guide
*Install Guide
*Download
*Changelog
*Book
*Docs
Security Lists
*Nmap Hackers
*Nmap Dev
*Bugtraq
*Full Disclosure
*Pen Test
*Basics
*More
Security Tools
*Pass crackers
*Sniffers
*Vuln Scanners
*Web scanners
*Wireless
*Exploitation
*Packet crafters
*More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:
edgeos



Penetration Testing: Re: Sniffing on a switch

Re: Sniffing on a switch

From: <DMORROW5_at_satx.rr.com>
Date: Thu, 03 Nov 2005 10:08:01 -0600

Hey Cory,

     Even though you're using these tools with honest intentions,
couldn't ARP spoofing, (MITM), be considered, for lack of a better
word...hacking?

Dana

----- Original Message -----
From: NewYork User <newyorkuser_at_gmail.com>
Date: Wednesday, November 2, 2005 9:20 am
Subject: Re: Sniffing on a switch

> There is a great tool called WinARP spoofer for windows. This tool has
> a nice GUI and is very easy to use. It basically sends ARP broadcast
> continuously and updates ARP table on all the PCs that are connected
> to the switch; makes your PC a gateway and forwards to traffic to the
> gateway (Typical man-in-the-middle). After you start spooofing, you
> can use any of your favorite sniffer to capture all the traffic on the
> switch. I use Ethereal. WinARP spoofer and Ethereal as a combination
> works great. Give it a shot.
>
> http://www.addict3d.org/index.php?page=downloadfile&ID=3565
>
> Hope this helps.
>
> --------------------------------------------------------------------
> ----------
> Audit your website security with Acunetix Web Vulnerability
> Scanner:
>
> Hackers are concentrating their efforts on attacking applications
> on your
> website. Up to 75% of cyber attacks are launched on shopping carts,
> forms,
> login pages, dynamic content etc. Firewalls, SSL and locked-down
> servers are
> futile against web application hacking. Check your website for
> vulnerabilities
> to SQL injection, Cross site scripting and other web attacks before
> hackers do!
> Download Trial at:
>
> http://www.securityfocus.com/sponsor/pen-test_050831
> --------------------------------------------------------------------
> -----------
>
>

------------------------------------------------------------------------------
Audit your website security with Acunetix Web Vulnerability Scanner:

Hackers are concentrating their efforts on attacking applications on your
website. Up to 75% of cyber attacks are launched on shopping carts, forms,
login pages, dynamic content etc. Firewalls, SSL and locked-down servers are
futile against web application hacking. Check your website for vulnerabilities
to SQL injection, Cross site scripting and other web attacks before hackers do!
Download Trial at:

http://www.securityfocus.com/sponsor/pen-test_050831
-------------------------------------------------------------------------------
Received on Nov 04 2005

[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
edgeos