dsniff


TOOLS
Win32
   New Code
   libevent
   honeyd
   Old Code
   libnids
   dsniff
   ngrep
   scanlogd
   snort
   syslog wrapper

Download
   Binary Packages
   Source Code

Resources
   Winpcap ( Mirror )
   Windump ( Mirror )
   Analyzer ( Mirror )
   Ethereal
   OpenBSD
   Deja News

Development Projects
   Development Source and Binaries

Other
   Picture Gallery
   My Resume

   
COOL LINKS
   Blake Watts WIN32 God
   Snort.org
   E-Mail Me (mike@datanerds.net) PGP Key

Powered by DataNerds.net

DESCRIPTION
Collection of utilities to aid in sniffing network data. These programs require: Built and tested on OpenBSD, Linux, Solaris, and WIN32!. YMMV.

dsniff
simple password sniffer. handles FTP, Telnet, HTTP, POP, NNTP, IMAP, SNMP, LDAP, Rlogin, NFS, SOCKS, X11, IRC, AIM, CVS, ICQ, Napster, Citrix ICA, Symantec pcAnywhere, NAI Sniffer, Microsoft SMB, and Oracle SQL*Net auth info. goes beyond most sniffers in that it minimally parses each application protocol, only saving the "interesting" bits. uses Berkeley DB as its output file format, logging only unique auth info. supports full TCP/IP reassembly, courtesy of libnids (all of the following tools do, as well).

mailsnarf
a fast and easy way to violate the Electronic Communications Privacy Act of 1986 (18 USC 2701-2711), be careful. outputs all messages sniffed from SMTP traffic in Berkeley mbox format, suitable for offline browsing with your favorite mail reader (mail -f, pine, etc.).

urlsnarf
output all requested URLs sniffed from HTTP traffic in CLF (Common Log Format, used by almost all web servers), suitable for offline post-processing with your favorite web log analysis tool (analog, wwwstat, etc.).

webspy
sends URLs sniffed from a client to your local Netscape browser for display, updated in real-time (as the target surfs, your browser surfs along with them, automagically). a fun party trick. :-)

future work: filesnarf (NFS, SMB, AFS), msgsnarf (ICQ, AIM, IRC), screenspy (x11, VNC)

(don't hold your breath)

<dugsong@monkey.org>


[ Original Site ]
   
UPDATES

May 11, 2000
I have finished the WIN32 port of dsniff. You need the winpcap NDIS driver installed to use any of the above applications. dsniff does contain more program then the ones above, however, only the above have been ported to WIN32. [ Binaries | Source ]