Jump to content

Openssh Server

will-wtf

By will-wtf
in Questions

 Share

Recommended Posts

will-wtf Newbie

will-wtf

Posted
Posted

I recently set up my own SSH server, which was a wonderfully simple way to secure my internet. There are 3 or 4 people who I now share it with (roomates), and all they have to do is chip in a few pounds a month for their unrestricted internet. At the moment I do not log anything other than signin's and disconnects, and having asked them all they agreed that I can pretty much do what I want with regards to sniffing out passwords, and logging visited websites as long as they continue to have access to facebook :) So I initially thought about ettercap and wireshark, but didn't have a clue how they worked. Would they be ideal for this situation, or are there other program's I should look into for this?

Thanks,

Link to comment
Share on other sites
Infiltrator Newbie

Infiltrator

Posted
Posted
I recently set up my own SSH server, which was a wonderfully simple way to secure my internet. There are 3 or 4 people who I now share it with (roomates), and all they have to do is chip in a few pounds a month for their unrestricted internet. At the moment I do not log anything other than signin's and disconnects, and having asked them all they agreed that I can pretty much do what I want with regards to sniffing out passwords, and logging visited websites as long as they continue to have access to facebook :) So I initially thought about ettercap and wireshark, but didn't have a clue how they worked. Would they be ideal for this situation, or are there other program's I should look into for this?

Thanks,

As long as these tools are installed on the computer, where SSH is running you should be able to capture any information that is passing along. Wireshark may not be able to look at https traffic itself, but ethercap is capable of since its a suite for man in the middle attacks. You should also do a bit of reading on sslstrip, I think it may come handy at some stage.

Ethercap: http://ettercap.sourceforge.net/

Wireshark: http://www.wireshark.org/

Link to comment
Share on other sites
Infiltrator Newbie

Infiltrator

Posted
Posted
Thanks for the fast reply,

I thought that SSLstrip was only linux based though?

You are right, SSLStrip only works with Linux. But there has been some discussions on running SSLStrip on windows.

http://www.hak5.org/forums/index.php?showtopic=15291

Link to comment
Share on other sites
H@L0_F00 Newbie

H@L0_F00

Posted
Posted (edited)
As long as these tools are installed on the computer, where SSH is running you should be able to capture any information that is passing along. Wireshark may not be able to look at https traffic itself, but ethercap is capable of since its a suite for man in the middle attacks. You should also do a bit of reading on sslstrip, I think it may come handy at some stage.

Ethercap: http://ettercap.sourceforge.net/

Wireshark: http://www.wireshark.org/

Wireshark would be able to see all traffic because it is no longer encrypted (unless it's HTTPS, another SSH server, etc) when the communication is between the server you are running and the server your friends are connecting to.

Friends PC ---encrypted---> SSH server ---normal traffic---> Internet ---normal traffic---> SSH server ---encrypted---> Friends PC

Edited by H@L0_F00
Link to comment
Share on other sites
Infiltrator Newbie

Infiltrator

Posted
Posted
Wireshark would be able to see all traffic because it is no longer encrypted (unless it's HTTPS, another SSH server, etc) when the communication is between the server you are running and the server your friends are connecting to.

Friends PC ---encrypted---> SSH server ---normal traffic---> Internet ---normal traffic---> SSH server ---encrypted---> Friends PC

That's what I thought and was right on, wireshark would be able to see all traffic from the SSH server to the internet, but not what's in between the client and the SSH server.

Thanks for sharing that.

Link to comment
Share on other sites
Infiltrator Newbie

Infiltrator

Posted
Posted
Ah thanks for all that info, on a completely different question, how would you go about just knowing how much has been downloaded? This seems to be a solution ->> http://www.broadbandchoices.co.uk/article....ownload-monitor

Thanks again :)

Hi Will-WTF,

BitMeter 2 and Bandwidth Monitor Lite are both freeware bandwidth monitoring tools. I have used it in the past and works pretty well, in determining how much bandwidth has been consumed.

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...