Slashdot Mirror

← Back to Stories (view on slashdot.org)

The men behind ettercap-NG

Posted by CmdrTaco on from the lock-down-the-hatches dept.

An anonymous reader writes "In 2001 two Italians released the first beta version of ettercap, a network protocol analyzer. Ettercap is now covered in most security books. It's number 9 in the Top 75 Security Tools list of the Nmap Hackers mailing list. This summer they released ettercap-NG, which was completely rewritten from scratch with better, modular code, making it easier to add new features and write and submit patches. NewsForge recently caught up with its authors for an Interview."

9 of 89 comments (clear)

  1. Re:Well, I have never liked ettercap by kentmartin · · Score: 4, Informative

    I agree re: ethereal.

    I don't know why it wasn't linked to in the article, but here you go:

    Homepage: http://ettercap.sourceforge.net/
    Description: A suite for man in the middle attacks and network mapping

  2. Top 75 Security Tools by Noksagt · · Score: 4, Informative

    The other top tools.

  3. Re:Well, I have never liked ettercap by grap · · Score: 2, Informative

    ettercap has almost nothing to do with ethereal, tcpdump or any other general-purpose sniffers. It's for a men-in-the-middle attack, with ARP poisoning and other techniques, not for simply sniffing packets that already come to your NIC.

    It can sniff in a switched enviroment. You can't do this whith TCPDUMP !!!

  4. Network Analizer... duh by Anonymous Coward · · Score: 3, Informative

    Ettercap is evil :)

    It's more of a hacking tool than a network analizer. It allows you to sniff switched networks, perform man-in-the-middle-attacks, it looks for passwords, etc.

    1. Re:Network Analizer... duh by Anonymous Coward · · Score: 1, Informative

      you are quite wrong. it is possible. try a google for something like "switch mac flood sniff." hopefully the results will help you, and others, realize that often times there is more to security than what "seems" secure.

    2. Re:Network Analizer... duh by _Sprocket_ · · Score: 2, Informative

      Maybe you should take a look at ettercap?

  5. Re:Good summary, this time by lukewarmfusion · · Score: 2, Informative

    I don't think this was that good of a summary at all. I've never used ettercap and I've only heard it mentioned in passing. The story simply doesn't explain what it is.

    From ettercap project page:
    "Ettercap is a suite for man in the middle attacks on LAN. It features sniffing of live connections, content filtering on the fly and many other interesting tricks. It supports active and passive dissection of many protocols (even ciphered ones) and includes many feature for network and host analysis."

    That's a little more informative than "network protocol analyzer."

  6. Try it with the new UBCD by Leigh13 · · Score: 4, Informative

    The new 3.0 release of the excellent Ultimate Boot CD has Ettercap included with the INSERT live CD. If you're a Windows user, it's an easy way to boot into Linux and try it out without having to worry about compiling and what not.

    --

    What I should have said was nothing.
  7. even works on Mac OS X by ubiquitin · · Score: 2, Informative

    Check out: ettercap.darwinports.com

    --
    http://tinyurl.com/4ny52