dSniff

From Wikipedia, the free encyclopedia

dSniff
Developed by Dug Song
Latest release 2.3 / December 17, 2000 (2000-12-17); 2734 days ago
OS Unix-like
Genre Packet sniffer
Website www.monkey.org/~dugsong/dsniff/

dSniff is a packet sniffer and set of traffic analysis tools written by Dug Song, a computer security researcher at the University of Michigan. Unlike tcpdump and other low-level packet sniffers, dSniff also includes tools that decode information (passwords, most infamously) sent across the network, rather than simply capturing and printing the raw data, as do generic sniffers like Wireshark and tcpdump. The name dSniff refers both to the package of such tools and one eponymous tool ("dSniff") included within. "dSniff" the tool decodes passwords sent in cleartext across a switched or unswitched Ethernet network. Song's webpage explains that he wrote dSniff with "honest intentions --- to audit my own network, and to demonstrate the insecurity of most network application protocols," although it could easily be used by miscreants to steal passwords.

Other tools included with the package include "sshmitm" and "webmitm", programs designed to intercept SSH version 1 communications and web traffic respectively with a man-in-the-middle attack, "msgsnarf", a program designed to intercept Instant Messenger and IRC conversations, and "macof", a program designed to break poorly-designed Ethernet switches by flooding them with packets with bogus MAC addresses (MAC flooding).

[edit] References

[edit] See also

Languages