Solved

Sniffing telnet session on a switch

Posted on 2004-08-12
4
746 Views
Last Modified: 2013-12-04
Hi

Is it true that you cannot sniff telnet sessions on a switch. For example if I want to sniff the telnet session I make from my Laptop to the cisco router. If my laptop that is going to make a telnet session to cisco session is connected to port 1 on switch the cisco router is connected to port 2 on the switch and my sniffing laptop is connected to port 3, then if the laptop is going to make a telnet session to router can my sniffing laptop capture the traffic in between them ? Or say if I am connected to completely different switch but still on the same network what will be the behavior then ?
0
Comment
Question by:kamal73
  • 2
4 Comments
 
LVL 32

Assisted Solution

by:LucF
LucF earned 125 total points
ID: 11781677
Hi kamal73,

A switch doesn't replicate the information to all ports, so you won't be able to sniff the data that way. To be able to sniff it, you'll have to exchange the switch for a hub, which is nothing more or less than a multi-port repeater, so all data will be send to all ports.

Greetings,

LucF
0
 
LVL 57

Accepted Solution

by:
Pete Long earned 125 total points
ID: 11781697
LucF is correct

Telnet is about as secure as an open window (without SSH) but there are some exeptions to the rule

you CAN sniff an interface with third party software - and some are designed to solely monitor switch ports

see http://www.eeye.com/html/Products/Iris/Download.html  this will sniff and decode anything
telnet traffic, Email traffic - even what web pages particular clients are using.
this is legal though it could be abused - above all, if your going to use this product in a work enviroment you need to inform your employees before you deploy it, as it has certain privicy implications.

Pete
0
 

Author Comment

by:kamal73
ID: 11781758
I'm only going to use it on a Lab network, how can one tell if it is being used on their network ?
0
 
LVL 57

Expert Comment

by:Pete Long
ID: 11781806
:) well you cant, hence the need to inform people :)

ThanQ
0

Featured Post

Announcing the Most Valuable Experts of 2016

MVEs are more concerned with the satisfaction of those they help than with the considerable points they can earn. They are the types of people you feel privileged to call colleagues. Join us in honoring this amazing group of Experts.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Recently, I read that Microsoft has analysed statistics for their security intelligence report. It revealed: still, the clear majority of windows users do their daily work as administrator. An administrative account is a burden, security-wise. My ar…
OfficeMate Freezes on login or does not load after login credentials are input.
This video shows how to use Hyena, from SystemTools Software, to bulk import 100 user accounts from an external text file. View in 1080p for best video quality.
Email security requires an ever evolving service that stays up to date with counter-evolving threats. The Email Laundry perform Research and Development to ensure their email security service evolves faster than cyber criminals. We apply our Threat…

828 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question