Is watching internet traffic possible?

Ventrue · n00b Joined: 28 Aug 2003 Posts: 55

I was wondering, if it is possible for someone to watch the internet traffic between two machines, or catch the traffic that is going to a specific machine.

I mean can someone use a program to watch a free mail-provider for possible unencrypted login names, or just between two machines.

I'm interested in this, because I have to write an essay about this topic, and to get more information. This would be very vital for me, because I have to complete it in a week, and I have no idea if such tracking down of traffic is possible...

If you have some time, and information to share, then please do it. I would highly appreciate that. If you know only names of methods, programs, or such, then share it with me, and I will investigate.

Thanks in advance.

PS.: This is for a computer-contest, nation-wide. Wish me luck :lol:

NeddySeagoon · Posted: Wed Sep 03, 2003 6:15 pm Post subject:

Ventrue,

There are several programs that will do this sort of thing. tcpdump is probably the most well known. You can try it out on your own PC whatever your net connection.

To intercept traffic you have to be somewhere along the route that the traffic passes and that can nary from packet to packet.
Try traceroute on a web site you know the name of to see the route.

These are all command line tools. There are pretty GUIs and helper progs for decipering the traffic captured by tcpdump too.
I'm sure that google will find more for you.

Regards,

NeddySeagoon
_________________
Regards,

NeddySeagoon

Computer users fall into two groups:-
those that do backups
those that have never had a hard drive fail.

koala · Posted: Wed Sep 03, 2003 7:24 pm Post subject:

if you are on a switched network, you'll need ettercap :-b

Mazaev · n00b Joined: 15 Jul 2003 Posts: 11 Location: NYC

hehe.. when I was a Jr. Sysadmin a while back there was some program I played with for a while. Can't remember the name of itunfortunately. Not technically internet traffic, but with root access to the machine it was running on, you could get it to intercept and reroute all LAN traffic through the host and specifically log all unencrypted usernames and passwords, conveniently formatted and grouped together and all.

It is technically possible to run something similar over the internet, though I had no particular desire to go that far with it.

pfft · n00b Joined: 04 Sep 2003 Posts: 22 Location: nowhere

you can emerge and use sniffit, its a small toy to see whats going on between two hosts. try dsniff too ;-)

Valhalla1 · n00b Joined: 14 Mar 2003 Posts: 63

ethereal ?

puddpunk · l33t Joined: 20 Jul 2002 Posts: 681 Location: New Zealand

yep, also try trafshow which shows how much data is flowing between machines, probably can be configured.

Ventrue · n00b Joined: 28 Aug 2003 Posts: 55

Wow, much thanks guys. I will have the best essay, ever written! BTW it is not too good to know, that anyone can sniff internet trafic. I mean, I knew if I'm on a LAN, and some computer uses iptraf-for example, then it catches all packets going out. The kinky part would be that, if someone connects to a route, where he not belongs. I mean, if anyone from anywhere could catch the traffic going through a mail server for example. If this is possible, then I won't use insecure mail login again.

Thanks for your answer, I will try out these programs...