Skip site navigation (1)Skip section navigation (2)

FreeBSD Manual Pages

  
 
  

home | help
DSNIFF(8)		    System Manager's Manual		     DSNIFF(8)

NAME
       dsniff -	password sniffer

SYNOPSIS
       dsniff [-c] [-d]	[-m] [-n] [-i interface] [-s snaplen] [-f services]
       [-t trigger[,...]]]  [-r|-w savefile] [expression]

DESCRIPTION
       dsniff is a password sniffer which handles  FTP,	 Telnet,  SMTP,	 HTTP,
       POP,  poppass, NNTP, IMAP, SNMP,	LDAP, Rlogin, RIP, OSPF, PPTP MS-CHAP,
       NFS, VRRP, YP/NIS, SOCKS, X11, CVS, IRC,	AIM, ICQ, Napster, PostgreSQL,
       Meeting	Maker, Citrix ICA, Symantec pcAnywhere,	NAI Sniffer, Microsoft
       SMB, Oracle SQL*Net, Sybase and Microsoft SQL protocols.

       dsniff automatically detects and	minimally parses each application pro-
       tocol,  only  saving  the interesting bits, and uses Berkeley DB	as its
       output file format, only	logging	unique authentication  attempts.  Full
       TCP/IP reassembly is provided by	libnids(3).

       I wrote dsniff with honest intentions - to audit	my own network,	and to
       demonstrate the insecurity of cleartext network protocols.   Please  do
       not abuse this software.

OPTIONS
       -c     Perform  half-duplex TCP stream reassembly, to handle asymmetri-
	      cally routed traffic (such as when using arpspoof(8)  to	inter-
	      cept client traffic bound	for the	local gateway).

       -d     Enable debugging mode.

       -m     Enable automatic protocol	detection.

       -n     Do not resolve IP	addresses to hostnames.

       -i interface
	      Specify the interface to listen on.

       -s snaplen
	      Analyze  at most the first snaplen bytes of each TCP connection,
	      rather than the default of 1024.

       -f services
	      Load triggers from a services file.

	-t trigger[,...]
	      Load  triggers  from  a  comma-separated	list,	specified   as
	      port/proto=service (e.g. 80/tcp=http).

       -r savefile
	      Read  sniffed  sessions  from a savefile created with the	-w op-
	      tion.

       -w file
	      Write sniffed sessions  to  savefile  rather  than  parsing  and
	      printing them out.

       expression
	      Specify  a  tcpdump(8)  filter  expression  to select traffic to
	      sniff.

       On a hangup signal dsniff  will	dump  its  current  trigger  table  to
       dsniff.services.

FILES
       /usr/local/lib/dsniff.services
	      Default trigger table

       /usr/local/lib/dsniff.magic
	      Network protocol magic

SEE ALSO
       arpspoof(8), libnids(3),	services(5), magic(5)

AUTHOR
       Dug Song	<dugsong@monkey.org>

BUGS
       dsniff's	automatic protocol detection feature is	based on the classic
       file(1) command by Ian Darwin, and shares its historical	limitations
       and bugs.

								     DSNIFF(8)

NAME | SYNOPSIS | DESCRIPTION | OPTIONS | FILES | SEE ALSO | AUTHOR | BUGS

Want to link to this manual page? Use this URL:
<https://www.freebsd.org/cgi/man.cgi?query=dsniff&sektion=8&manpath=FreeBSD+12.1-RELEASE+and+Ports>

home | help