HOME

TheInfoList



Click Here for Items Related To - Dsniff
OR:
Dsniff on:   [Wikipedia]   [Google]   [Amazon]

dSniff is a set of password sniffing and network traffic analysis tools written by security researcher and startup founder Dug Song to parse different application protocols and extract relevant information. dsniff, filesnarf, mailsnarf, msgsnarf, urlsnarf, and webspy passively monitor a network for interesting data (passwords, e-mail, files, etc.). arpspoof, dnsspoof, and macof facilitate the interception of network traffic normally unavailable to an attacker (e.g., due to layer-2 switching). sshmitm and webmitm implement active man-in-the-middle attacks against redirected SSH and HTTPS sessions by exploiting weak bindings in ad-hoc PKI.


Overview

The applications sniff usernames and passwords, web pages being visited, contents of an email, etc. As the name implies, dsniff is a network sniffer, but it can also be used to disrupt the normal behavior of switched networks and cause network traffic from other hosts on the same network segment to be visible, not just traffic involving the host dsniff is running on. It handles
FTP The File Transfer Protocol (FTP) is a standard communication protocol used for the transfer of computer files from a server to a client on a computer network. FTP is built on a client–server model architecture using separate control and data ...
,
Telnet Telnet is an application protocol used on the Internet or local area network to provide a bidirectional interactive text-oriented communication facility using a virtual terminal connection. User data is interspersed in-band with Telnet cont ...
,
SMTP The Simple Mail Transfer Protocol (SMTP) is an Internet standard communication protocol for electronic mail transmission. Mail servers and other message transfer agents use SMTP to send and receive mail messages. User-level email clients typic ...
,
HTTP The Hypertext Transfer Protocol (HTTP) is an application layer protocol in the Internet protocol suite model for distributed, collaborative, hypermedia information systems. HTTP is the foundation of data communication for the World Wide Web, ...
,
POP Pop or POP may refer to: Arts, entertainment, and media Music * Pop music, a musical genre Artists * POP, a Japanese idol group now known as Gang Parade * Pop!, a UK pop group * Pop! featuring Angie Hart, an Australian band Albums * ''Pop'' (G ...
, poppass,
NNTP The Network News Transfer Protocol (NNTP) is an application protocol used for transporting Usenet news articles (''netnews'') between news servers, and for reading/posting articles by the end user client applications. Brian Kantor of the Univ ...
,
IMAP In computing, the Internet Message Access Protocol (IMAP) is an Internet standard protocol used by email clients to retrieve email messages from a mail server over a TCP/IP connection. IMAP is defined by . IMAP was designed with the goal of pe ...
,
SNMP Simple Network Management Protocol (SNMP) is an Internet Standard protocol for collecting and organizing information about managed devices on IP networks and for modifying that information to change device behaviour. Devices that typically ...
,
LDAP The Lightweight Directory Access Protocol (LDAP ) is an open, vendor-neutral, industry standard application protocol for accessing and maintaining distributed directory information services over an Internet Protocol (IP) network. Directory serv ...
,
Rlogin The Berkeley r-commands are a suite of computer programs designed to enable users of one Unix system to log in or issue commands to another Unix computer via TCP/IP computer network. The r-commands were developed in 1982 by the Computer System ...
,
RIP Rest in peace (RIP), a phrase from the Latin (), is sometimes used in traditional Christian services and prayers, such as in the Catholic, Lutheran, Anglican, and Methodist denominations, to wish the soul of a decedent eternal rest and peac ...
,
OSPF Open Shortest Path First (OSPF) is a routing protocol for Internet Protocol (IP) networks. It uses a link state routing (LSR) algorithm and falls into the group of interior gateway protocols (IGPs), operating within a single autonomous syste ...
,
PPTP The Point-to-Point Tunneling Protocol (PPTP) is an obsolete method for implementing virtual private networks. PPTP has many well known security issues. PPTP uses a TCP control channel and a Generic Routing Encapsulation tunnel to encapsulate P ...
MS-CHAP, NFS, VRRP, YP/NIS,
SOCKS A sock is a piece of clothing worn on the feet and often covering the ankle or some part of the calf. Some types of shoes or boots are typically worn over socks. In ancient times, socks were made from leather or matted animal hair. In the lat ...
, X11, CVS,
IRC Internet Relay Chat (IRC) is a text-based chat system for instant messaging. IRC is designed for Many-to-many, group communication in discussion forums, called ''#Channels, channels'', but also allows one-on-one communication via instant messa ...
, AIM, ICQ,
Napster Napster was a peer-to-peer file sharing application. It originally launched on June 1, 1999, with an emphasis on digital audio file distribution. Audio songs shared on the service were typically encoded in the MP3 format. It was founded by Sh ...
,
PostgreSQL PostgreSQL (, ), also known as Postgres, is a free and open-source relational database management system (RDBMS) emphasizing extensibility and SQL compliance. It was originally named POSTGRES, referring to its origins as a successor to the In ...
, Meeting Maker, Citrix ICA, Symantec pc Anywhere, NAI Sniffer,
Microsoft Microsoft Corporation is an American multinational corporation, multinational technology company, technology corporation producing Software, computer software, consumer electronics, personal computers, and related services headquartered at th ...
SMB,
Oracle An oracle is a person or agency considered to provide wise and insightful counsel or prophetic predictions, most notably including precognition of the future, inspired by deities. As such, it is a form of divination. Description The wor ...
SQL*Net,
Sybase Sybase, Inc. was an enterprise software and services company. The company produced software to manage and analyze information in relational databases, with facilities located in California and Massachusetts. Sybase was acquired by SAP in 2010; ...
and Microsoft SQL protocols. The name "dsniff" refers both to the package as well as an included tool. The "dsniff" tool decodes passwords sent in
cleartext In cryptography, plaintext usually means unencrypted information pending input into cryptographic algorithms, usually encryption algorithms. This usually refers to data that is transmitted or stored unencrypted. Overview With the advent of c ...
across a switched or unswitched
Ethernet Ethernet () is a family of wired computer networking technologies commonly used in local area networks (LAN), metropolitan area networks (MAN) and wide area networks (WAN). It was commercially introduced in 1980 and first standardized in ...
network. Its
man page A man page (short for manual page) is a form of software documentation usually found on a Unix or Unix-like operating system. Topics covered include computer programs (including library and system calls), formal standards and conventions, and ev ...
explains that Dug Song wrote dsniff with "honest intentions - to audit my own network, and to demonstrate the insecurity of cleartext network protocols." He then requests, "Please do not abuse this software." These are the files that are configured in dsniff folder /etc/dsniff/ ;/etc/dsniff/dnsspoof.hosts : Sample hosts file. :If no host file is specified, replies will be forged for all address queries on the LAN with an answer of the local machine’s IP address. ;/etc/dsniff/dsniff.magic : Network protocol magic ;/etc/dsniff/dsniff.services : Default trigger table The man page for dsniff explains all the flags. To learn more about using dsniff, you can explore the Linux man page.dsniff(8): password sniffer - Linux man page
/ref> This is a list of descriptions for the various dsniff programs. This text belong to the dsniff “README” written by the author, Dug Song.


See also

* Comparison of packet analyzers * EtherApe, a network mapping tool that relies on sniffing traffic * netsniff-ng, a free Linux networking toolkit *
Network tap A network tap is a system that monitors events on a local network. A tap is typically a dedicated hardware device, which provides a way to access the data flowing across a computer network. The network tap has (at least) three ports: an ''A port ...
*
Ngrep ngrep (network grep) is a network packet analyzer written by Jordan Ritter. It has a command-line interface, and relies upon the pcap library and the GNU regex library. ngrep supports Berkeley Packet Filter ( BPF) logic to select network sour ...
, a tool that can match regular expressions within the network packet payloads *
tcpdump tcpdump is a data-network packet analyzer computer program that runs under a command line interface. It allows the user to display TCP/IP and other packets being transmitted or received over a network to which the computer is attached. Distribu ...
, a
packet analyzer A packet analyzer, also known as packet sniffer, protocol analyzer, or network analyzer, is a computer program or computer hardware such as a packet capture appliance, that can intercept and log traffic that passes over a computer network or ...
*
Tcptrace tcptrace is a free and open-source tool for analyzing TCP dump files. It accepts as input files produced by packet-capture programs, including tcpdump, Wireshark, and snoop. tcptrace can produce several different types of output containing in ...
, a tool for analyzing the logs produced by tcpdump *
Wireshark Wireshark is a free and open-source packet analyzer. It is used for network troubleshooting, analysis, software and communications protocol development, and education. Originally named Ethereal, the project was renamed Wireshark in May 2006 du ...
, a GUI based alternative to tcpdump


References


External links


Official website
*Dunston, Duane, Linuxsecurity.com, “And away we spoof!!!” http://www.linuxsecurity.com/docs/PDF/dsniff-n-mirror.pdf {{DEFAULTSORT:Dsniff Network analyzers Password cracking software Free network management software