One of the nice features of Ethereal is that you can do "TCP Stream Analysis." Basically, this shows the ASCII stream of data going back-and-forth between the client and server. When analyzing telnet sessions it is pretty easy to see the clear-text passwords this way.
HTH Ben -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of Sasa Milic Sent: Friday, May 24, 2002 2:32 PM To: [EMAIL PROTECTED] Subject: Re: Provider Backbone Engineering and CCIEs [7:44876] Because pop3 username and password use two packets (one for "USER username" and another for "PASS password" command). With telnet, every keystroke is transmitted in separate packet. It is possible to collect them all and reconstruct username/password, but it's not trivial as with pop3. Sasa CCIE 8635 Henrique Duarte wrote: > > Why can't I sniff my telnet login/password in clear text but can sniff my > pop3 login/password in clear text? I'm using Sniffer Pro 4.5. Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=45226&t=44876 -------------------------------------------------- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
