From owner-freebsd-security Mon Jul 28 17:33:15 1997
Date: Mon, 28 Jul 1997 20:33:11 -0400 (EDT)
From: Brian Buchanan
To: "Nicole H."
cc: security@FreeBSD.ORG
Subject: Re: Detecting sniffers (was: Re: security hole in FreeBSD)
Sender: owner-freebsd-security@FreeBSD.ORG

> That's kind of what I thought. Does anyone know, however, if an Ascend Max unit can be sniffed across? I.e., can
> a dial-up user sniff everyone else connected to the Ethernet that it is plugged into, assuming it is not
> using bridging?

Almost certainly not. I'm assuming the unit is a terminal server, and in
that case it acts as a gateway between the dialup connection and the
local network. Sending all network traffic over the dialup line would
very quickly saturate it.

>
> If this is not possible. How do most people tend to sniff a network to get a password since you have to be on
> the network to sniff for a password....

Once you've compromised root on one system on a network, you can sniff
anything that passes past or through that machine. From there, it's
possible to sniff out passwords to other machines on that network, or
passwords to remote machines that were transmitted over the local
network. Any kind of "public" network is especially vulnerable to this
kind of attack. Someone could use the bug of the week to get root
privileges on a UNIX or NT workstation and sniff the network it's
connected to for people sending passwords to remote machines. If someone
sends a root password, the attack can spread to that machine and then to
its entire network.