[Snort-users] password detection

Mike Shaw mshaw at ...3165...
Mon Mar 18 08:39:16 EST 2002


> >       I know this request is going to sound really devious, but I 
> assure you my
> > intentions are completely white-hat.
> >       I'd like to see how many people are using plain text passwords on my
> > network.  A few protocols that come to mind are telnet and pop3.
> > Obviously,
> > I want to teach them the wonder that is ssh.  I was thinking something
> > like:

A good tool for this is dsniff.  It also comes with several nifty packages 
like mailsnarf and urlsnarf.  In addition to dsniff, mailsnarf is also a 
great seminar/training 'jawdropper' demo.

I've run dsniff on an OpenBSD box concurrently with Snort.  I didn't have 
any problems.

I can't remember the link for dsniff, but it's out there on the search 
engines.  There are Win32 ports available too.

-Mike





More information about the Snort-users mailing list