Penetration Testing: dsniff wierdness

[Matt Glaves <matt () glaves org>]

Figured I'd give this list a shot a really weird problem..

I have a Debian box running 2.6.15 that only logs traffic destined for 
the box.  There  is 5Mbit of proxy traffic going through the nic and it 
doesn't see any of it.  If I start pop3 on the box and telnet to it from 
a remote PC it gets logged in dsniff properly.  tcpdump and other 
sniffers see all traffic passing through the server just fine...  I 
tried dumping the debian package and compiling by hand and still get the 
same results.
Anyone seen something like this?  I'm guessing there is a library 
incompat between the dated dsniff sourcetree and the newer libs on this box.
thanks,
matt




------------------------------------------------------------------------------
Audit your website security with Acunetix Web Vulnerability Scanner: 

Hackers are concentrating their efforts on attacking applications on your 
website. Up to 75% of cyber attacks are launched on shopping carts, forms, 
login pages, dynamic content etc. Firewalls, SSL and locked-down servers are 
futile against web application hacking. Check your website for vulnerabilities 
to SQL injection, Cross site scripting and other web attacks before hackers do! 
Download Trial at:
http://www.securityfocus.com/sponsor/pen-test_050831
-------------------------------------------------------------------------------