Message-Id: <200012080008.TAA12944@tiramisu.lcs.mit.edu>
To: security-internal@MIT.EDU
Subject: Dug Song: dsniff sneak peek
Date: Thu, 07 Dec 2000 19:08:01 EST
From: Kevin Fu <fubob@MIT.EDU>
Status: O

------- Forwarded Message
Date: Thu, 7 Dec 2000 18:57:19 -0500
From: Dug Song <dugsong@monkey.org>
To: monkeys@monkey.org
Subject: dsniff sneak peek

just wanted to invite you to take a sneak peek at the next version of
dsniff, to be released on its first birthday, Dec. 17th. :-)

version 2.3 includes new tools dnsspoof, sshmitm, webmitm, and
msgsnarf. in conjunction with dnsspoof, sshmitm allows you to
intercept SSH connections for interactive monitoring and hijacking.
webmitm allows you to sniff sensitive data out of SSL-encrypted web
requests / form submissions, a neat trick i demonstrated to Niels by
showing him his online banking login/password. :-)

to my knowledge, this is the first public implementation of a
man-in-the-middle toolkit to defeat PKI-based encrypted
protocols. i'll probably go after Lucent's proprietary (D-H)
PubStation auth next, unless they go to PPP over 802.11...

	http://www.monkey.org/~dugsong/dsniff/beta/dsniff-2.3b5.tar.gz

i'll have a FAQ available for this release as well:

	http://www.monkey.org/~dugsong/dsniff/faq.html

anyhow, just wanted to give a heads-up, so you know what's going on if
you see your SSH host keys change. ;-)

- -d.

- ---
http://www.monkey.org/~dugsong/

------- End of Forwarded Message