Network Services 0×0020 5010 16d0 1416 0000 0d0a 0869 6e3a P……….in: 12:12:03.699442 fred.3335 > bob.telnet: tcp 1 (DF) 0×0000 4500 0029 4e7b 4000 8006 1649 0a04 4101 E..)N{@….I..A. 0×0010 0a04 4102 0d07 0017 24e6 7471 f267 5606 ..A…..$.tq.gV. 0×0020 5018 21a8 a534 0000 6420 2020 2020 P.!..4..d….. This is what we mean when we say that the telnet protocol sends passwords in plain text across the network. If that network uses broadcast media, then every machine on the same network segment as the sender receives the unencrypted password on its network interface. Most of the time, the other machines will just ignore this data, but all it takes is one of them to be running a promiscuous mode packet logger like tcpdump and all the passwords sent by telnet can be captured. Ftp suffers from a similar vulnerability. Fortunately, there are secure alternatives to both telnet and ftp (ssh and sftp respectively) that encrypt all data they send over the network using strong encryption techniques so the eavesdropper is not able to glean any useful information from the packets. Another packet analyzer that can be installed from the Red Hat Linux 9 CDs is called Ethereal. This has a graphical front end that makes it much easier to set up filters and interpret the contents of packets. When Ethereal is started (as root, by simply typing ethereal at the command prompt - once the Ethereal RPM has been installed, of course!), the main window opens. The Capture | Start menu option opens another window where capture options can be set: Note the check box to put the interface (eth0) in promiscuous mode, so packets not intended for this machine can be captured. Once capturing is running, another window is updated continuously with packet counts. 423
Note: If you are looking for reliable and quality webspace company to host and run your servlet application check professional servlet hosting services