[Snort-users] OT: Sniffing Switched Traffic

Bill Marquette wlmarque at ...8...
Wed Apr 11 13:37:03 EDT 2001

Check out http://www.monkey.org/~dugsong/dsniff - switches aren't useful for
security, only for bandwidth utilization.  If it's non-encrypted traffic (as
telnet is) you should be able to own his box in under 30 seconds of getting
dsniff compiled and installed.


From: "Caruso, Ken" <ken.caruso at ...1122...> on 04/11/2001 12:16 PM

To:   snort-users at lists.sourceforge.net
Subject:  [Snort-users] OT: Sniffing Switched Traffic


     Slightly off-topic but I figured this would be wise list to ask. I
recently got in a friendly argument with a co-worker regarding the fact that
we still use telnet on a majority of our sun systems. He went on about how
we are on a switched network and we are firewalled, yadda, yadda, yadda.
Just to ruffle his feathers I would like to set up a test scenario on
Catalyst 4000 switch, and possibly compromise the switch or impersonate a
mac address to try to intercept telnet traffic. Can somebody point me to a
good online document/resource for this.


Ken Caruso

Snort-users mailing list
Snort-users at lists.sourceforge.net
Go to this URL to change user options or unsubscribe:
Snort-users list archive:

More information about the Snort-users mailing list