Tue 30 Jan 2007
Network Services

source or destination port is 23 - the telnet port - (src or dst port 23). We’ll get an acknowledgment: tcpdump: listening on eth0 … and tcpdump will log all telnet packets it sees on the network segment.

Now we go to Fred, our Windows machine, and telnet from there to Bob, our Linux server. As soon as we do, we see the packets being logged by tcpdump, even though that’s running on a machine that’s not the destination for the packets!

    # tcpdump -i eth0 -l -q -X src or dst port 23
    tcpdump: listening on eth0
    12:11:51.070377 fred.3335 > bob.telnet: tcp 0 (DF)
    0x0000 4500 0030 317b 4000 8006 3342 0a04 4101 E..01{@...3B..A.
    0x0010 0a04 4102 0d07 0017 24e6 7419 0000 0000 ..A.....$.t.....
    0x0020 7002 2000 26f7 0000 0204 05b4 0101 0402 p...&...........
    12:11:51.070826 bob.telnet > fred.3335: tcp 0 (DF)
    0x0000 4500 0030 0000 4000 4006 a4bd 0a04 4102 E..0..@.@.....A.
    0x0010 0a04 4101 0017 0d07 f267 5575 24e6 741a ..A......gUu$.t.
    0x0020 7012 16d0 e838 0000 0204 05b4 0101 0402 p....8..........

If we look carefully at the packet log, we can find the Password prompt and see what the user typed in response. The password has been highlighted to make it easier to see, but hackers don’t need that much help - they’ll probably use an automated password sniffer that’ll decode the packets for them:

    12:12:02.265222 bob.telnet > fred.3335: tcp 10 (DF) [tos 0x10]
    0x0000 4510 0032 9d51 4000 4006 075a 0a04 4102 E..2.Q@.@..Z..A.
    0x0010 0a04 4101 0017 0d07 f267 55fc 24e6 746e ..A......gU.$.tn
    0x0020 5018 16d0 2c48 0000 5061 7373 776f 7264 P...,H..Password
    0x0030 3a20
    12:12:02.465557 fred.3335 > bob.telnet: tcp 0 (DF)
    0x0000 4500 0028 4a7b 4000 8006 1a4a 0a04 4101 E..(J{@....J..A.
    0x0010 0a04 4102 0d07 0017 24e6 746e f267 5606 ..A.....$.tn.gV.
    0x0020 5010 21a8 0941 0000 2020 2020 2020 P.!..A........
    12:12:03.180919 fred.3335 > bob.telnet: tcp 1 (DF)
    0x0000 4500 0029 4b7b 4000 8006 1949 0a04 4101 E..)K{@....I..A.
    0x0010 0a04 4102 0d07 0017 24e6 746e f267 5606 ..A.....$.tn.gV.
    0x0020 5018 21a8 a337 0000 6620 2020 2020 P.!..7..f.....
    12:12:03.218203 bob.telnet > fred.3335: tcp 0 (DF) [tos 0x10]
    0x0000 4510 0028 9d52 4000 4006 0763 0a04 4102 E..(.R@.@..c..A.
    0x0010 0a04 4101 0017 0d07 f267 5606 24e6 746f ..A......gV.$.to
    0x0020 5010 16d0 1418 0000 65fd 01ff fb05 P.......e.....
    12:12:03.423073 fred.3335 > bob.telnet: tcp 1 (DF)
    0x0000 4500 0029 4c7b 4000 8006 1849 0a04 4101 E..)L{@....I..A.
    0x0010 0a04 4102 0d07 0017 24e6 746f f267 5606 ..A.....$.to.gV.
    0x0020 5018 21a8 9736 0000 7220 2020 2020 P.!..6..r.....
    12:12:03.423232 bob.telnet > fred.3335: tcp 0 (DF) [tos 0x10]
    0x0000 4510 0028 9d53 4000 4006 0762 0a04 4102 E..(.S@.@..b..A.
    0x0010 0a04 4101 0017 0d07 f267 5606 24e6 7470 ..A......gV.$.tp
    0x0020 5010 16d0 1417 0000 6465 6420 4861 P.......ded.Ha
    12:12:03.555199 fred.3335 > bob.telnet: tcp 1 (DF)
    0x0000 4500 0029 4d7b 4000 8006 1749 0a04 4101 E..)M{@....I..A.
    0x0010 0a04 4102 0d07 0017 24e6 7470 f267 5606 ..A.....$.tp.gV.
    0x0020 5018 21a8 a435 0000 6520 2020 2020 P.!..5..e.....
    12:12:03.555354 bob.telnet > fred.3335: tcp 0 (DF) [tos 0x10]
    0x0000 4510 0028 9d54 4000 4006 0761 0a04 4102 E..(.T@.@..a..A.
    0x0010 0a04 4101 0017 0d07 f267 5606 24e6 7471 ..A......gV.$.tq
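
A defender can run the same kind of capture as an audit for cleartext logins. The sketch below is an added example, not part of the original article: it parses `tcpdump -X` text, uses the IP total length and TCP data offset to separate real payload from Ethernet padding, and counts password prompts on port 23 without printing what was typed. The names `packets`, `tcp_payload`, `audit` and the `PROMPTS` strings are this example's own assumptions.

```python
import re

# Constructed sample in tcpdump -X text form; hex words copied from the capture above.
SAMPLE = """\
12:12:02.265222 bob.telnet > fred.3335: tcp 10 (DF) [tos 0x10]
0x0000 4510 0032 9d51 4000 4006 075a 0a04 4102 E..2.Q@.@..Z..A.
0x0010 0a04 4101 0017 0d07 f267 55fc 24e6 746e ..A......gU.$.tn
0x0020 5018 16d0 2c48 0000 5061 7373 776f 7264 P...,H..Password
0x0030 3a20
12:12:03.180919 fred.3335 > bob.telnet: tcp 1 (DF)
0x0000 4500 0029 4b7b 4000 8006 1949 0a04 4101 E..)K{@....I..A.
0x0010 0a04 4102 0d07 0017 24e6 746e f267 5606 ..A.....$.tn.gV.
0x0020 5018 21a8 a337 0000 6620 2020 2020 P.!..7..f.....
"""
HEX_WORD = re.compile(r"(?:[0-9a-f]{2}){1,2}")
PROMPTS = (b"login:", b"password:")  # assumed prompt strings to look for

def packets(text):
    """Yield the raw IP bytes of each packet in a `tcpdump -X` text log."""
    buf = bytearray()
    for line in text.splitlines() + [""]:
        words = line.split()
        if words and words[0].startswith("0x"):
            for word in words[1:9]:        # at most 8 hex words per dump line
                if not HEX_WORD.fullmatch(word):
                    break                  # reached the ASCII column
                buf += bytes.fromhex(word)
        elif buf:                          # a non-hex line ends the current packet
            yield bytes(buf)
            buf = bytearray()

def tcp_payload(ip):
    """Return (src_port, dst_port, payload) with Ethernet padding trimmed."""
    ihl, total = (ip[0] & 0x0F) * 4, int.from_bytes(ip[2:4], "big")
    tcp = ip[ihl:total]                    # bytes past the IP total length are padding
    sport, dport = int.from_bytes(tcp[0:2], "big"), int.from_bytes(tcp[2:4], "big")
    return sport, dport, tcp[(tcp[12] >> 4) * 4:]

def audit(text, port=23):
    """Count cleartext credential prompts and client payload bytes sent after them."""
    prompts = exposed = 0
    for ip in packets(text):
        if len(ip) < 40 or ip[9] != 6:     # skip anything that is not IPv4 + TCP
            continue
        sport, dport, data = tcp_payload(ip)
        if sport == port and any(p in data.lower() for p in PROMPTS):
            prompts += 1
        elif dport == port and prompts:
            exposed += len(data)
    return {"prompts": prompts, "client_bytes_after_prompt": exposed}
```

Any non-zero `prompts` count means credentials are crossing the segment unencrypted, which is the signal to move that host from telnet to an encrypted login such as SSH.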