[CentOS] Using tcpdump to sniff telnet password
Fajar Priyanto
fajarpri at cbn.net.idWed Feb 6 08:57:28 UTC 2008
- Previous message: [CentOS] Discrepancy between df and quota commands
- Next message: [CentOS] Using tcpdump to sniff telnet password
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Hi all, As long as I can remember reading various articles/docs, they all say that telnet is not secure because all traffic is in clear text. Well, out of boredom, I try to sniff username and password from a telnet session. The command I use: tcpdump tcp port 23 -vvv -w test.txt Then I read the result: strings test.txt |`D |fD |fD 38400,38400 Red Hat Enterprise Linux ESD Ologin: D 5eE LsE _tE Password: F [aG |hG jaH Last login: Wed Feb 6 15:53:3H ]0;test4 at server:~ GV{ But it succeeds with FTP. strings test.txt <.9@ 4.:@ 220 (vsFTPd 2.0.1) 4.;@ @.<@ USER test4 331 Please specify the passwor 4.=@ B.>@ PASS secret 230 Login successful. 4.?@ :.@@ SYST 215 UNIX Type: L8 4.A@ Did I miss something? How do we capture telnet password using tcpdump? Thank you. -- Fajar Priyanto | Reg'd Linux User #327841 | Linux tutorial http://linux2.arinet.org 15:51:58 up 8:16, 2.6.22-14-generic GNU/Linux Let's use OpenOffice. http://www.openoffice.org The real challenge of teaching is getting your students motivated to learn. -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 189 bytes Desc: This is a digitally signed message part. URL: <http://lists.centos.org/pipermail/centos/attachments/20080206/8c1d3d53/attachment.sig>
- Previous message: [CentOS] Discrepancy between df and quota commands
- Next message: [CentOS] Using tcpdump to sniff telnet password
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
More information about the CentOS mailing list