Re: Sniffing on a switch

From: coryrc (coryrc_at_gmail.com)
Date: 11/02/05

  • Next message: Daniel Miessler: "Re: Insecure Hash Algorithms (MD5) and NTLMv2" 
    To: <pen-test@securityfocus.com>
Date: Tue, 1 Nov 2005 23:02:24 -0600

    Cain Also has a nice DNS redirect feature, very nice. and it can also sniff
    out voip calls over the switch

    ~Cerebellum

    ----- Original Message -----
    From: <Marc.Werner@t-systems.com>
    To: <andy.meyers@hushmail.com>; <pen-test@securityfocus.com>
    Sent: Tuesday, November 01, 2005 1:17 AM
    Subject: AW: Sniffing on a switch

    Hi,

    If you don't want to use linux, try Cain.
    http://www.oxid.it/cain.html

    cheers marc

    -----Ursprüngliche Nachricht-----
    Von: Andy Meyers [mailto:andy.meyers@hushmail.com]
    Gesendet: Freitag, 28. Oktober 2005 04:55
    An: pen-test@securityfocus.com
    Betreff: Sniffing on a switch

    -----BEGIN PGP SIGNED MESSAGE-----
    Hash: SHA1

    Now i know people say you "cant" sniff on a switch and I know about ARP
    poisoning and MAC flooding. But there has to be another way. I have heard
    too many stories about "he sniffed my AIM conversation on a Cisco switch"
    (an example is in the most recent version of 2600). Does anyone know of any
    technique how to do this? Can you ARP poison a switch?

    Ashes
    -----BEGIN PGP SIGNATURE-----
    Note: This signature can be verified at https://www.hushtools.com/verify/
    Version: Hush 2.4
    Charset: UTF8

    wkYEARECAAYFAkNhkwYACgkQnZu7yPmLRpArTQCgp2JsbOSySZJ7XFvgy1sY4GcGntYA
    oIwtV7CLTBjr5j2yW0v1In/Jm7Yv
    =rigp
    -----END PGP SIGNATURE-----

    ---------------------------------------------------------------------------- 

    --
Audit your website security with Acunetix Web Vulnerability Scanner:
Hackers are concentrating their efforts on attacking applications on your
website. Up to 75% of cyber attacks are launched on shopping carts, forms,
login pages, dynamic content etc. Firewalls, SSL and locked-down servers are
futile against web application hacking. Check your website for
vulnerabilities
to SQL injection, Cross site scripting and other web attacks before hackers
do!
Download Trial at:
http://www.securityfocus.com/sponsor/pen-test_050831
----------------------------------------------------------------------------
---
----------------------------------------------------------------------------
--
Audit your website security with Acunetix Web Vulnerability Scanner:
Hackers are concentrating their efforts on attacking applications on your
website. Up to 75% of cyber attacks are launched on shopping carts, forms,
login pages, dynamic content etc. Firewalls, SSL and locked-down servers are
futile against web application hacking. Check your website for
vulnerabilities
to SQL injection, Cross site scripting and other web attacks before hackers
do!
Download Trial at:
http://www.securityfocus.com/sponsor/pen-test_050831
----------------------------------------------------------------------------
---
------------------------------------------------------------------------------
Audit your website security with Acunetix Web Vulnerability Scanner: 
Hackers are concentrating their efforts on attacking applications on your 
website. Up to 75% of cyber attacks are launched on shopping carts, forms, 
login pages, dynamic content etc. Firewalls, SSL and locked-down servers are 
futile against web application hacking. Check your website for vulnerabilities 
to SQL injection, Cross site scripting and other web attacks before hackers do! 
Download Trial at:
http://www.securityfocus.com/sponsor/pen-test_050831
-------------------------------------------------------------------------------
  • Next message: Daniel Miessler: "Re: Insecure Hash Algorithms (MD5) and NTLMv2"

    Relevant Pages

    • RE: 3rd party vuln assesment firms
      ... > "We use the same tools hackers bring to bear against your systems. ... >> I'm looking for a firm to conduct annual 3rd party vulnerability ... Up to 75% of cyber attacks are launched on shopping ... >> your website for vulnerabilities to SQL injection, ...
      (Pen-Test)
    • RE: 3rd party vuln assesment firms
      ... > "We use the same tools hackers bring to bear against your systems. ... >> I'm looking for a firm to conduct annual 3rd party vulnerability ... Up to 75% of cyber attacks are launched on shopping ... >> your website for vulnerabilities to SQL injection, ...
      (Pen-Test)
    • RE: Penetration test of 1 IP address
      ... Before I do anything very intrusive I personally go to the website ... Also remember once you have found a vulnerability, ... Hackers are concentrating their efforts on attacking applications on ... Up to 75% of cyber attacks are launched on shopping ...
      (Pen-Test)
    • Re: Sniffing on a switch
      ... > Now i know people say you "cant" sniff on a switch and I know about ARP ... > Audit your website security with Acunetix Web Vulnerability Scanner: ... Up to 75% of cyber attacks are launched on shopping carts, forms, ... Cross site scripting and other web attacks before hackers ...
      (Pen-Test)
    • RE: Sniffing on a switch
      ... > Subject: Sniffing on a switch ... > Audit your website security with Acunetix Web Vulnerability Scanner: ... > Hackers are concentrating their efforts on attacking applications on ... Up to 75% of cyber attacks are launched on shopping carts, ...
      (Pen-Test)