Closed Thread Icon

Topic awaiting preservation: How would one go about compromising ones own security? Pages that link to <a href="https://ozoneasylum.com/backlink?for=12625" title="Pages that link to Topic awaiting preservation: How would one go about compromising ones own security?" rel="nofollow" >Topic awaiting preservation: How would one go about compromising ones own security?\

 
Author Thread
Maskkkk
Paranoid (IV) Inmate

From: Willaimsport, PA, US of A the hole in the Ozone
Insane since: Mar 2002

posted posted 02-27-2003 21:54

Hey if I wanted to sniff my own packets (and reasemble them) just to see if anybody else could, what free program could I use?



Maskkkk

- Face the Present
- AIM: MASKKKK

bitdamaged
Maniac (V) Mad Scientist

From: 100101010011 <-- right about here
Insane since: Mar 2000

posted posted 02-28-2003 00:05

Ethereal is generally the tool of choice.





.:[ Never resist a perfect moment ]:.

Maskkkk
Paranoid (IV) Inmate

From: Willaimsport, PA, US of A the hole in the Ozone
Insane since: Mar 2002

posted posted 02-28-2003 02:15

Ok I got it, but it doesn't seem to work on windows...

Because I can't seem to find the right interface (which I'm assuming is a network card) I tried eth0, eth1, and eth2
(I know that's Linux jargon not windows. But I don't know how to do it


I get this error that pops up on my screen....

"The capture session could not be initiated (Error opening adapter: Overlapped I/O operation is in progress.).
Please check that you have the proper interface specified.

Note that the driver Etherreal uses for packet capture on Windows doesn't support capturing on PPP/WAN interfaces in Windows NT/2000/XP/.NET Server"

Note: when I go to look for the interfaces in the drop down box I don't find anything, there's nothing listed.
(Of course first I went to Capture->Start)

The program installed some kinda WinP?? something or other too when I installed it.
Might I add I'm running windows XP off of a cable modem (behind a router of course)

And I tried Linux too, but....
I can't get it to install right due to these dependancies(This is the base files mind you....I didn't even get to the GUI yet)

The dependancies are:

- libcrypto.so.2 is needed by ethereal-base-0.9.9-1.7.2
- libpcap.so.0.6.2 is needed by ethereal-base-0.9.9-1.7.2


Ok so there ya have it,
They really don't make this easy to setup do they?

And here I'm running Mandrake 7.?
(On the same computer, ah sorta emulator type thing VMWare)



Maskkkk

- Face the Present
- AIM: MASKKKK

bitdamaged
Maniac (V) Mad Scientist

From: 100101010011 <-- right about here
Insane since: Mar 2000

posted posted 02-28-2003 03:59

http://www.ethereal.com/faq.html#q5.11

Looks like you may have to login as administrator at least once and run it.



.:[ Never resist a perfect moment ]:.

Maskkkk
Paranoid (IV) Inmate

From: Willaimsport, PA, US of A the hole in the Ozone
Insane since: Mar 2002

posted posted 02-28-2003 06:04

Nevermind all I needed was a reboot



Maskkkk

- Face the Present
- AIM: MASKKKK

Maskkkk
Paranoid (IV) Inmate

From: Willaimsport, PA, US of A the hole in the Ozone
Insane since: Mar 2002

posted posted 02-28-2003 17:01

My own security has been compromised!

I sent the message you see above to the Ozone last night while sniffing and I was horrified to see my own password and username sent by a GET request to the Ozone!!!!

Can you sniff everybody elses with that too?
Because it would be no big deal if only I could read it, but something tells me there a way for everybody else to read it on my local LAN!



Maskkkk

- Face the Present
- AIM: MASKKKK

bitdamaged
Maniac (V) Mad Scientist

From: 100101010011 <-- right about here
Insane since: Mar 2000

posted posted 02-28-2003 18:48

test



.:[ Never resist a perfect moment ]:.

bitdamaged
Maniac (V) Mad Scientist

From: 100101010011 <-- right about here
Insane since: Mar 2000

posted posted 02-28-2003 18:50

wierd It shouldn't be via a get request. However in answer to your question, anytime you send a request to a server that is not https encrypted you can have your packets sniffed. I don't think that's true of people just on your local LAN because the route of your packets shouldn't be through any of their machines.

However any router that it bounces through can be sniffed.



.:[ Never resist a perfect moment ]:.

Maskkkk
Paranoid (IV) Inmate

From: Willaimsport, PA, US of A the hole in the Ozone
Insane since: Mar 2002

posted posted 02-28-2003 19:14

Ok so that means that if I really want to encrypt something (really encrypt something), I need to use https instead of http...?



Maskkkk

- Face the Present
- AIM: MASKKKK

Maskkkk
Paranoid (IV) Inmate

From: Willaimsport, PA, US of A the hole in the Ozone
Insane since: Mar 2002

posted posted 03-03-2003 16:59

How do I sniff my own router?



Maskkkk

- Face the Present
- AIM: MASKKKK

« BackwardsOnwards »

Show Forum Drop Down Menu