Electronic Books

The last step is to create the executable by typing make and pressing Enter.
Sniffing Traffic
251
The Sniffit application will now be created.
To start the Sniffit application, type:
./sniffit ??“s 172.16.1.45 ??“x ??“a ??“F eth0

The ??“s 172.16.1.45 instructs Sniffit to use this IP address as the source.

The ??“x option instructs Sniffit to display extended packet information.

The ??“a option is not very well documented in the Sniffit.8 file.

The ??“F eth0 instructs Sniffit to use the Ethernet device 0.
252
Practical Hacking Techniques and Countermeasures
The Sniffit application will start.
For a ???proof of concept,??? in this example, a terminal session was started to
initiate an FTP session.
Sniffing Traffic
253
Notice that as soon as the attempt is made to the FTP server, the traffic is
scrolling on the Sniffit screen.
The username is entered to log in.
254
Practical Hacking Techniques and Countermeasures
The password is entered.
At this point, the user is logged into the FTP server.
Sniffing Traffic
255
The command is to type quit to exit the FTP connection.
The Sniffit output is displayed on the screen. Notice the clear text FTP
command of QUIT is displayed on the screen. If you scroll up on the output,
you will also see the clear-text username and password as well.
To stop the Sniffit application, hold down the Ctrl key and press the C key.
256
Practical Hacking Techniques and Countermeasures
Sniffit also allows for the redirection of the output to a log file instead of
displaying the output on the screen.


Pages:
92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116