Slashdot Mirror


Unhealthy Sniffing

Simon Doring writes "Stefan Esser did it again. Yesterday he reported 13 remote root vulnerabilities in Ethereal. Time to teach all those sniffing kiddies an unhealthy lesson. The next LAN party will be a lot of fun."

3 of 49 comments (clear)

  1. Ettercap by vasqzr · · Score: 4, Interesting

    Sounds like a good time to check out Ettercap

    Short Description:

    Ettercap is a multipurpose sniffer/interceptor/logger for switched LAN.
    It supports active and passive dissection of many protocols (even ciphered ones) and includes many feature for network and host analysis.

  2. Wardriving by DustMagnet · · Score: 4, Interesting

    These bugs can also be used to catch war drivers. Another trick I've seen in a white paper was to transmit fake traffic from an unused IP address and watch for reverse DNS lookups.

    --
    'SBEMAIL!' is better than a goat!!
  3. Why don't distros use buffer overflow protection? by Homology · · Score: 4, Interesting
    13 remotely triggerable vulnerabilities were discovered in the multiprotocol packet sniffer Ethereal that allow remote compromise.

    Thanks to ProPolice on OpenBSD, these stack overflows will only lead to a crash, not a root exploit on this OS.

    Gentoo has a project called "Hardened Gentoo" where the stack overflow would just chrash the Ethereal.It's time the bigger Linux distros implement similar technology (that exist as PaX).