As I always say, you can never rely your privacy on your system. Anybody can access your data without your knowledge. Especially when you chat, when you send an email, anything you upload to a server. In your LAN, if there is any poisoners, s/he can sniff all your privacy. What is the result, loss of your passwords, loss of your peace of mind, loss of your money. Just watch the following article on ettercap - one of the hot ARP Spoofer.
EtterCap is a multipurpose sniffer / interceptor / logger for a switched LAN. It supports active and passive dissection of many protocols (even ciphered ones) and includes many features for network and host analysis.
These features include
1. Characters injection in an established connection: You can inject character to server (emulating commands) or to client (emulating replies) maintaining the connection alive! 2. SSH1 support: you can sniff User and Pass, and even the data of an SSH1 connection. 3. HTTPS support: you can sniff http SSL secured data... and even if the connection is made through a PROXY 4. Remote traffic through GRE tunnel: you can sniff remote traffic through a GRE tunnel from a remote Cisco router and make mitm attack on it 5. PPTP broker: you can perform man in the middle attack against PPTP tunnels 6. Password collector for: TELNET, FTP, POP, RLOGIN, SSH1, ICQ, SMB, MySQL, HTTP, NNTP, X11, NAPSTER, IRC, RIP, BGP, SOCKS 5, IMAP 4, VNC, LDAP, NFS, SNMP, HALF LIFE, QUAKE 3, MSN, YMSG. 7. Packet filtering/dropping: You can set up a filter that search for a particular string (even hex) in the TCP or UDP payload and replace it with yours or drop the entire packet. 8. OS fingerprint: you can fingerprint the OS of the victim host and even its network adapter 9. Kill a connection: from the connections list you can kill all the connections you want 10. Passive scanning of the LAN: you can retrieve info about: hosts in the LAN, open ports, services version, type of the host (gateway, router or simple host) and estimated distance in hop. 11. Check for other poisoners: EtterCap has the ability to actively or passively find other poisoners on the LAN.
Yes. Next time when you get lost into your machine, think about this. Somebody may watching you. Caution! Thats all!
EtterCap is a multipurpose sniffer / interceptor / logger for a switched LAN. It supports active and passive dissection of many protocols (even ciphered ones) and includes many features for network and host analysis.
These features include
1. Characters injection in an established connection: You can inject character to server (emulating commands) or to client (emulating replies) maintaining the connection alive! 2. SSH1 support: you can sniff User and Pass, and even the data of an SSH1 connection. 3. HTTPS support: you can sniff http SSL secured data... and even if the connection is made through a PROXY 4. Remote traffic through GRE tunnel: you can sniff remote traffic through a GRE tunnel from a remote Cisco router and make mitm attack on it 5. PPTP broker: you can perform man in the middle attack against PPTP tunnels 6. Password collector for: TELNET, FTP, POP, RLOGIN, SSH1, ICQ, SMB, MySQL, HTTP, NNTP, X11, NAPSTER, IRC, RIP, BGP, SOCKS 5, IMAP 4, VNC, LDAP, NFS, SNMP, HALF LIFE, QUAKE 3, MSN, YMSG. 7. Packet filtering/dropping: You can set up a filter that search for a particular string (even hex) in the TCP or UDP payload and replace it with yours or drop the entire packet. 8. OS fingerprint: you can fingerprint the OS of the victim host and even its network adapter 9. Kill a connection: from the connections list you can kill all the connections you want 10. Passive scanning of the LAN: you can retrieve info about: hosts in the LAN, open ports, services version, type of the host (gateway, router or simple host) and estimated distance in hop. 11. Check for other poisoners: EtterCap has the ability to actively or passively find other poisoners on the LAN.
Yes. Next time when you get lost into your machine, think about this. Somebody may watching you. Caution! Thats all!
No comments:
Post a Comment