[Snort-users] password detection
mshaw at ...3165...
Mon Mar 18 08:39:16 EST 2002
> > I know this request is going to sound really devious, but I
> assure you my
> > intentions are completely white-hat.
> > I'd like to see how many people are using plain text passwords on my
> > network. A few protocols that come to mind are telnet and pop3.
> > Obviously,
> > I want to teach them the wonder that is ssh. I was thinking something
> > like:
A good tool for this is dsniff. It also comes with several nifty packages
like mailsnarf and urlsnarf. In addition to dsniff, mailsnarf is also a
great seminar/training 'jawdropper' demo.
I've run dsniff on an OpenBSD box concurrently with Snort. I didn't have
I can't remember the link for dsniff, but it's out there on the search
engines. There are Win32 ports available too.
More information about the Snort-users