Skip site navigation (1)Skip section navigation (2)
Date:      Mon, 28 Jul 1997 20:33:11 -0400 (EDT)
From:      Brian Buchanan <brian@thought.res.cmu.edu>
To:        "Nicole H." <nicole@mediacity.com>
Cc:        security@FreeBSD.ORG
Subject:   Re: Detecting sniffers (was: Re: security hole in FreeBSD) 
Message-ID:  <Pine.BSF.3.96.970728202334.26892D-100000@thought.res.cmu.edu>
In-Reply-To: <Chameleon.870092851.nmh@geekgirl>

next in thread | previous in thread | raw e-mail | index | archive | help
>  Thats kind of what I thought. Does anyone know however if an Ascend Max unit can be sniffed across. I.E. Can 
> a dial up user sniff everyone else connected to the ethernet that it is plugged into, assuming it is not 
> using bridging.

Almost certainly not.  I'm assuming the unit is a terminal server, and in
that case it acts as a gateway between the dialup connection and the local
network.  Sending all network traffic over the dialup line would very
quickly saturate it. 

> 
> If this is not possible. How do most people tend to sniff a network to get a password since you have to be on 
> the network to sniff for a password....

Once you've compromised root on one system on a network, you can sniff
anything that passes past or through that machine.  From there, it's
possible to sniff out passwords to other machines on that network, or
passwords to remote machines that were transmitted over the local network.

Any kind of "public" network is especially vulnerable to this kind of
attack.  Someone could use the bug of the week to get root privilages on a
UNIX or NT workstation and sniff the network its connected to for people
sending passwords to remote machines.  If someone sends a root password,
the attack can spread to that machine and then to its entire network.




Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.3.96.970728202334.26892D-100000>