LinuxLinks.com
Newbies What Next ? News Forums Calendar

Search





News Sections
Home
General News (3973/0)
Reviews (628/0)
Press Releases (464/0)
Distributions (187/0)
Software (879/0)
Hardware (522/0)
Security (192/0)
Tutorials (345/0)
Off Topic (181/0)


User Functions
Username:

Password:

Don't have an account yet? Sign up as a New User


Events
There are no upcoming events




Ettercap

Ettercap

Ettercap is a suite for man in the middle attacks on LAN. It features sniffing of live connections, content filtering on the fly and many other interesting tricks.

It supports active and passive dissection of many protocols (even ciphered ones) and includes many feature for network and host analysis. 

Ettercap NG uses the unified sniffing method which is the base for all the attacks.

Data injection in an established connection and filtering (substitute or drop a packet) on the fly is also possible, keeping the connection synchronized.

Many sniffing modes were implemented to give you a powerful and complete sniffing suite. It's possible to sniff in four modes: IP Based, MAC Based, ARP Based (full-duplex) and PublicARP Based (half-duplex).

It has the ability to check whether you are in a switched LAN or not, and to use OS fingerprints (active or passive) to let you know the geometry of the LAN.

 Ettercap

License
GNU GPL v2

Developer
Alberto Ornaghi and Marco Valleri

Website
ettercap.sourceforge.net

Requirements
libpcap >= 0.8.1
libnet >= 1.1.2.1
libpthread
zlib

Support:
Mailing Lists

Selected Reviews:

Features include:

  • IP-based: packets are filtered based on IP source and destination
  • MAC-based: packets are filtered based on MAC address, useful for sniffing connections through a gateway
  • ARP-based: uses ARP poisoning to sniff on a switched LAN between two hosts (full-duplex).
  • PublicARP-based: uses ARP poisoning to sniff on a switched LAN from a victim host to all other hosts (half-duplex)

The software also offers the following features:

  • Character injection into an established connection: characters can be injected into a server (emulating commands) or to a client (emulating replies) while maintaining a live connection
  • SSH1 support: the sniffing of a username and password, and even the data of an SSH1 connection. Ettercap is the first software capable of sniffing an SSH connection in full duplex
  • HTTPS support: the sniffing of HTTP SSL secured data--even when the connection is made through a proxy
  • Remote traffic through a GRE tunnel: the sniffing of remote traffic through a GRE tunnel from a remote Cisco router, and perform a man-in-the-middle attack on it
  • Plug-in support: creation of custom plugins using Ettercap's API
  • Password collectors for: TELNET, FTP, POP, IMAP, rlogin, SSH1, ICQ, SMB, MySQL, HTTP, NNTP, X11, Napster, IRC, RIP, BGP, SOCKS 5, IMAP 4, VNC, LDAP, NFS, SNMP, Half-Life, Quake 3, MSN, YMSG
  • Packet filtering/dropping: setting up a filter that searches for a particular string (or hexadecimal sequence) in the TCP or UDP payload and replaces it with a custom string/sequence of choice, or drops the entire packet
  • OS fingerprinting: determine the OS of the victim host and its network adapter
  • Kill a connection: killing connections of choice from the connections-list
  • Passive scanning of the LAN: retrieval of information about hosts on the LAN, their open ports, the version numbers of available services, the type of the host (gateway, router or simple PC) and estimated distances in number of hops
  • Hijacking of DNS(Domain Name System) requests
  • Ettercap also has the ability to actively or passively find other poisoners on the LAN.

Return to Security Home Page

Bookmark and Share


Last Updated Wednesday, April 02 2014 @ 02:19 PM EST


We have written a range of guides highlighting excellent free books for popular programming languages. Check out the following guides: C, C++, C#, Java, JavaScript, CoffeeScript, HTML, Python, Ruby, Perl, Haskell, PHP, Lisp, R, Prolog, Scala, Scheme, Forth, SQL, Node.js (new), Fortran (new), Erlang (new), Pascal (new), and Ada (new).


Group Tests
All Group Tests

Top Free Software
5 Office Suites
7 Document Processors
6 Lean Desktops
6 Desktop Search
9 Project Management
9 Groupware Apps
14 File Managers
10 Databases
21 Backup Tools
21 DVD Tools
21 Window Managers
21 Productivity Tools
9 Terminal Emulators
21 Financial Tools
21 Text Editors
21 Video Emulators
21 Home Emulators
42 Graphics Apps
6 CAD Apps
42 Scientific Apps
10 Web Browsers
42 Email Apps
12 Instant Messaging
10 IRC Clients
7 Twitter Clients
12 News Aggregators
11 VoIP Apps
11 Remote Display Apps
42 Best Games
42 More Games
21 More Games
21 Notable Games (1)
21 Notable Games (2)
21 Notable Games (3)
8 ASCII Games
9 Educational Games
42 Audio Apps
42 Video Apps
6 Screencasting Apps
80 Security Apps
9 System Monitoring
6 Family History Apps
11 PDF Tools
6 Music Servers
6 Collection Managers
7 Calculator Apps
8 Geometry Apps
Free Console Apps
14 Multimedia
Programming
8 Compilers
9 IDEs
9 Debuggers
7 Revision Control Apps
6 Doc Generators
'Free' Proprietary
21 Closed-Source Apps
Top Commercial Apps
42 Games
Free Web Software
21 Web CMS
14 Wiki Engines
8 Blog Apps
6 eCommerce Apps
5 Human Resource Apps
10 ERP
10 CRM
6 Data Warehouse Apps
8 Business Intelligence
6 Point-of-Sale

All Group Tests

Other Articles
Migrating from Windows
Back up your data
Distribution Guide
Distro Portal Pages
20 Free Linux Books
Running Linux Under Windows


Older Stories
Sunday 08/10
  • Exciting New Terminal Emulators (0)

  • Saturday 08/02
  • The Best Lightweight Graphical Email Clients (0)

  • Sunday 07/20
  • Excellent Free Distraction-Free Tools for Writers (0)
  • Pick of the Bunch: Console Internet Applications (0)
  • Mobile Phone Management Made Easy (0)

  • Saturday 06/28
  • Easy File Comparisons With These Great Free Diff Tools (0)
  • 9 ASCII Games You'll Want to Play Again and Again (0)

  • Friday 06/13
  • 12 Remarkable Free Shell Scripting Books (0)

  • Saturday 06/07
  • Open Source LDAP Solutions (0)

  • Monday 06/02
  • Delightful ASCII Art Tools (0)


  • Vote

    What do you find MOST attractive about Open Source software?

    Amount of customization
    Security
    Freedom provided
    Speed of development
    Quality
    Multiple versions
    Cost
    Potential to contribute
    Ability to modify code
    Results
    4854 votes | 2 comments

    Built with GeekLog and phpBB
    Comments to the webmaster are welcome
    Copyright 2009 LinuxLinks.com - All rights reserved