dsniff - a great tool for your network's security

dsniff is described in it's man pages by its author as a plaintext password sniffer;

I wrote dsniff with honest intentions - to audit my own network, and to demonstrate the insecurity of cleartext network protocols. Please do not abuse this software.

The purpose of this software is to be used to audit the level of security on your own network, for example, you may have a main computer, and a laptop, which accesses shared files on the main computer. You password it to keep people out, but the password is being sent in plain text across your network, for anyone to read. Dsniff just makes it easier to pinpoint the problems, so you know what to fix.

Here are some examples of protocols that use plaintext insecure passwords:

• FTP
• Telnet
• SMTP
• HTTP
• POP
• NNTP
• IMAP
• LDAP
• Rlogin
• NFS
• X11
• CVS
• IRC
• AIM
• ICQ
• PostgreSQL
• Symantec pcAnywhere
• Microsoft SMB
• Microsoft SQL protocols
• and more

This was a large problem with using network hubs, when switches were introduced, they no longer echoed the message of one computer to all computers, and for a while, security through ignorance was king. We now know better, through newer breaches of security, often known as monkey or man in the middle attacks. This usually employs the arp poisoning technique. Making all hosts believe that an untrusted computer is the network gateway, thus allowing it to see all traffic through the network.

Feel free to discuss the inherent problems with many of today's still commonly used plaintext protocols, and what it means for you or your business.