RE: [Fed-Talk] Network sniffing
RE: [Fed-Talk] Network sniffing
- Subject: RE: [Fed-Talk] Network sniffing
- From: "Pike, Michael (NNMC)" <email@hidden>
- Date: Thu, 6 Oct 2005 15:37:30 -0600
- Thread-topic: [Fed-Talk] Network sniffing
I'm familiar with Ethereal (coming from the linux world)... I was hoping
to find a native OS X application... fink sometimes "finks" up other
components we use due to conflicts with certain libs it installs.
I thought I had seen one in Macworld a few months ago, but I can never
find anything I read when I am looking for it.
I have two specific IM clients I am trying to verify... one is the MSN
messenger with LCS, the other is iChat Jabber while communicating to
Google's Google Talk messenger service.
iChat reports unencrypted information going through with a warning
dialogue, however, Google tells me that it IS encrypted and it's a bug
with iChat.
The jabber support in iChat is pretty bare bones, so I do believe Google
is telling the truth, but before I say "google talk is safe" I want to
make sure it in fact is.
If any of you have the sniffer already configured, I can give you a free
invitation to gmail (it's still closed) which will enable Google talk
accounts for you... add me to your contact list, and we can do a quick
and dirty chat and see if the packets are in fact encrypted. We were
running our own iChat servers, but the jabber implementation is really
giving us problems. It often spawns off endless loops and causes a
forced shutdown of the process. It also does not remove the XML related
data in the jabber databases when accounts are removed. So, if someone
is on my contact list, and they are no longer a user, iChat server still
lets me believe they are on the system.
Microsoft LCS, while possibly being encrypted in the stream, logs ALL of
the IM traffic (internally and any gateways that me be established to
yahoo, msn, etc), which I feel is a totally unethical practice to begin
with, not to mention if that data gets in the wrong hands (not that
anyone could exploit a Microsoft product), HIPPA violations everywhere.
Mike
-----Original Message-----
From: fed-talk-bounces+michael.pike=email@hidden
[mailto:fed-talk-bounces+michael.pike=email@hidden] On Behalf
Of Joshua Krage
Sent: Thursday, October 06, 2005 3:16 PM
To: email@hidden
Subject: Re: [Fed-Talk] Network sniffing
On Thu, Oct 06, 2005 at 02:47:02PM -0600, Pike, Michael (NNMC) wrote:
> Any recommendations as far as a good network sniffer for OS X?
Ethereal via X11.
Use the function to reassemble TCP streams and you can recover the full
IM
session (or at least those parts you can read).
--
------------------------------------------------------------------------
F. Joshua Krage, CISSP NASA Goddard Space Flight Center
email@hidden Code 721, IT and Communications Directorate
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Fed-talk mailing list (email@hidden)
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Fed-talk mailing list (email@hidden)
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden