In my last post I discussed some sniffing tools; here I discuss how to use ettercap to sniff a network.
You can use ettercap on any Linux platform. It is also available for Windows, but there are very few stable versions for Windows. For those who know BackTrack, the good news is that ettercap comes pre-installed and configured in it.
Open a console and type “ettercap -G” (without quotes).
The ettercap graphical interface will open.
Now, click on Sniff>Unified Sniffing. A dialog box will open, asking for the network interface. Select the one you are using.
You will notice that there are many more options on the top menu bar. For now, however, click on Hosts>Scan for hosts and wait for it to finish.
Now, click on Mitm (Man in the Middle), select Arp Poisoning, and check the box that says “sniff remote connections”. Click OK.
Now all you need to do is click on Start>Start sniffing. Go to another computer on your network and head over to some website where credentials are needed (email, forums, Facebook, Myspace, etc.). Log in and you should see your details come up in ettercap. To stop sniffing, simply click on Start>Stop sniffing, and Mitm>Stop mitm attacks.
Note: there are ways to secure a network against this, and it is not guaranteed to work every time.
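One way to spot the Arp Poisoning step from the defending side, as an added example that is not part of the original post: while a host is being poisoned, its neighbour table shows the gateway's IP resolving to the same MAC address as some other host on the LAN. The sketch below parses `ip neigh show` output and flags that condition; the sample table, the baseline gateway MAC, and the function names are all constructed for illustration.

```python
import re
from collections import defaultdict

# Constructed sample of `ip neigh show` output taken on a poisoned host:
# the gateway (192.168.1.1) and another host share one MAC address.
SAMPLE_NEIGH = """\
192.168.1.1 dev eth0 lladdr 00:0c:29:aa:bb:cc REACHABLE
192.168.1.20 dev eth0 lladdr 00:1a:2b:3c:4d:5e STALE
192.168.1.66 dev eth0 lladdr 00:0c:29:aa:bb:cc REACHABLE
192.168.1.77 dev eth0  FAILED
"""

# Constructed baseline: the gateway MAC recorded while the network was known-good.
BASELINE = {"192.168.1.1": "00:50:56:11:22:33"}

NEIGH_RE = re.compile(r"^(\S+) dev (\S+) lladdr ([0-9a-fA-F:]{17})\b")

def parse_neigh(text):
    """Return {ip: mac} for every resolved entry; unresolved lines are skipped."""
    entries = {}
    for line in text.splitlines():
        m = NEIGH_RE.match(line.strip())
        if m:
            entries[m.group(1)] = m.group(3).lower()
    return entries

def find_arp_anomalies(entries, baseline=None):
    """Flag MACs claimed by several IPs and IPs whose MAC differs from the baseline."""
    findings = []
    by_mac = defaultdict(list)
    for ip, mac in entries.items():
        by_mac[mac].append(ip)
    for mac, ips in sorted(by_mac.items()):
        # A host with several addresses on one interface also triggers this,
        # so treat it as a lead to investigate, not as proof.
        if len(ips) > 1:
            findings.append(("duplicate_mac", mac, sorted(ips)))
    for ip, expected in sorted((baseline or {}).items()):
        seen = entries.get(ip)
        if seen and seen != expected.lower():
            findings.append(("baseline_mismatch", ip, [expected.lower(), seen]))
    return findings

if __name__ == "__main__":
    for finding in find_arp_anomalies(parse_neigh(SAMPLE_NEIGH), BASELINE):
        print(finding)
```

On a live Linux host, feed it the real output of `ip neigh show` and a baseline recorded from a trusted state instead of the constructed sample.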