Jika anda adalah salah seorang yang guna wireless LAN (Wifi) org lain untuk access ke internet, anda sebenarnya dalam bahaya. Sekarang ini, dalam access point/wifi router tu sendiri boleh install monitoring software. Berikut antara 'keupayaan' monitoring software tersebut:
1. arpspoof
utk penyamaran ARP packet
2. dnsspoof
utk penyamaran hostname
3. dsniff
password sniffer. handles FTP, Telnet, SMTP, HTTP, POP,
poppass, NNTP, IMAP, SNMP, LDAP, Rlogin, RIP, OSPF, PPTP
MS-CHAP, NFS, VRRP, YP/NIS, SOCKS, X11, CVS, IRC, AIM, ICQ,
Napster, PostgreSQL, Meeting Maker, Citrix ICA, Symantec
pcAnywhere, NAI Sniffer, Microsoft SMB, Oracle SQL*Net, Sybase
and Microsoft SQL auth info.
4. filesnarf
save file yang dicapture dlm Network File System
5. macof
DoS any host dlm network...
6. mailsnarf
a fast and easy way to violate the Electronic Communications
Privacy Act of 1986 (18 USC 2701-2711), be careful. outputs
selected messages sniffed from SMTP and POP traffic in
mbox format, suitable for offline browsing with your favorite
mail reader (mail -f, pine, etc.).
7. msgsnarf
record selected messages from sniffed AOL Instant Messenger,
ICQ 2000, IRC, and Yahoo! Messenger chat sessions.
8. sshmitm
SSH monkey-in-the-middle. Capture login dan password utk SSH v1
9. tcpkill
kills specified in-progress TCP connections (useful for
libnids-based applications which require a full TCP 3-whs for
TCB creation).
10. tcpnice
slow down specified TCP connections via "active" traffic
shaping. forges tiny TCP window advertisements, and optionally
ICMP source quench replies.
11. urlsnarf
output selected URLs sniffed from HTTP traffic in CLF
(Common Log Format, used by almost all web servers), suitable
for offline post-processing with your favorite web log
analysis tool (analog, wwwstat, etc.).
12. webmitm
HTTP / HTTPS monkey-in-the-middle. Digunakan untuk capture password bagi online banking. Penggunaan transaksi perbankan amat berisiko sekali.
13. webspy
sends URLs sniffed from a client to your local Netscape
browser for display, updated in real-time (as the target
surfs, your browser surfs along with them, automagically).
a fun party trick. :-)
Awas! Pengguna Wifi "Free"
0 comments:
Post a Comment