OSEC

Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com
Re: PPPoE sniffing

From: LordDoskias (lorddoskiasgmail.com)
Date: Sat Feb 23 2008 - 19:09:04 CST


dork_4loveyahoo.com wrote:
> Greetings,
>
> I am working in cooperate with friend running an ISP ,my friend
>
> installed PPPoE ,by that he says that it will be immune to packet sniffing
>
> -My question:
>
> --Is it possible to run the usual arp spoofing ,sniffing,ssl mitm on
>
> PPPoE installed networks?
>
> --And if that feasible does ettercap is capable of doing such duty? or
>
> there are other tools to test that?
>
>
> Regards,
>
> Bernard
>
> ------------------------------------------------------------------------
> This list is sponsored by: Cenzic
>
> Need to secure your web apps NOW?
> Cenzic finds more, "real" vulnerabilities fast.
> Click to try it, buy it or download a solution FREE today!
>
> http://www.cenzic.com/downloads
> ------------------------------------------------------------------------
>
>
>
There is no problem sniffing the pppoe packets if you arp poison the
network - the thing is whether your friend uses CHAP/PAP or something
else for encrypting the passwords between the peer and the concentrator

------------------------------------------------------------------------
This list is sponsored by: Cenzic

Need to secure your web apps NOW?
Cenzic finds more, "real" vulnerabilities fast.
Click to try it, buy it or download a solution FREE today!

http://www.cenzic.com/downloads
------------------------------------------------------------------------