Duo's two-factor authentication protects against credential theft - try it for free!
dsniff
latest release: dsniff-2.3.tar.gz (CHANGES)
beta snapshotsAbstract
dsniff is a collection of tools for network auditing and penetration testing. dsniff, filesnarf, mailsnarf, msgsnarf, urlsnarf, and webspy passively monitor a network for interesting data (passwords, e-mail, files, etc.). arpspoof, dnsspoof, and macof facilitate the interception of network traffic normally unavailable to an attacker (e.g, due to layer-2 switching). sshmitm and webmitm implement active monkey-in-the-middle attacks against redirected SSH and HTTPS sessions by exploiting weak bindings in ad-hoc PKI.I wrote these tools with honest intentions - to audit my own network, and to demonstrate the insecurity of most network application protocols. Please do not abuse this software.
Documentation
In addition to man pages included in the distribution, a dsniff Frequently-Asked Questions document is also available.Pour les francophones, Denis Ducamp a traduit les manuels de dsniff-2.3 en français.
Support
A mailing list for dsniff announcements and moderated discussion is open to the public. To subscribe, send e-mail with the word "subscribe" in the body of the message to <dsniff-request@monkey.org>.Further Reading
Recent presentations:Recent press:
- "Passwords Found on a Wireless Network", D. Song, USENIX Technical Conference WIP, June 2000.
- "Network Monitoring with Dsniff, LinuxSecurity.com, May 2001.
- "On the lookout for dsniff, part 2, IBM DeveloperWorks, February 2001.
- " On the lookout for dsniff", IBM DeveloperWorks, January 2001.
- "dsniff and SSH", O'Reilly Sysadmin News, December 2000.
- "Attacks Against SSH 1 and SSL", Slashdot, December 2000.
- "The End of SSL and SSH?", SecurityPortal, December 2000.
- "Catch Hackers in the Act", CNET Web Builder, December 2000.
- "Why Your Switched Network Isn't Secure", SANS Institute, September 2000.
- "Switched networks lose their security advantage due to packet-capturing tool", InfoWorld magazine, May 2000.
- "Think you're safe from sniffing?", Windows 2000 magazine, June 2000.
dsniff around the world:
- Brazil
- Chile
- China
- France
- Hungary
- Italy
- Japan
- Korea
- Lithuania
- Netherlands
- Russia
- Slovakia
- Switzerland
- Ukraine
- Venezuela
- Yugoslavia
Recent books that cover dsniff in some detail:
- B. Hatch, G. Kurtz, J. Lee. Hacking Linux Exposed, McGraw-Hill, 2001.
- S. McClure, J. Scambray, G. Kurtz. Hacking Exposed, McGraw-Hill, 1999.
- R. Russell, ed. Hack Proofing Your Network, Syngress Media, Inc., 2000.
Dug Song <dugsong@monkey.org>