Date: Mon, 07 Aug 2000 11:23:08 -0400 From: Paul Halliday <transmogrify@sympatico.ca> To: David Fuchs <dfuchs@uniserve.com> Cc: freebsd-questions@FreeBSD.ORG Subject: Re: Telnet Encryption Message-ID: <398ED45B.38E80373@sympatico.ca> References: <001001bffde0$7e1a07c0$0201a8c0@beastie.net>
next in thread | previous in thread | raw e-mail | index | archive | help
Check out dsniff "www.monkey.org/~dugsong" it is also in the ports collection. It will reveal both user name and password from a telnet session, ftp, pop, etc. David Fuchs wrote: > I've been told that I can reveal the passwords of my users by sniffing port > 23. I've tried this, but it doesn't seem to work, all I can see is the > user's username. In this case, is security a concern with telnet? Why go to > the extra trouble of SSH when telnet *seems* safe in the first place? The > only way I've been able to retrieve passwords is by sniffing ports 110 and > 143, but I'm a little more concerned with the telnet accounts. Any ideas on > this? > > Thanx! > > -David > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-questions" in the body of the message To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?398ED45B.38E80373>