Package: dsniff (2.4b1+debian-18) tcpkill

by | 8 January, 2013

Package: dsniff (2.4b1+debian-18)

Various tools to sniff network traffic for cleartext insecurities

This package contains several tools to listen to and create network traffic:

 

 * arpspoof  - Send out unrequested (and possibly forged) arp replies.
 * dnsspoof  - forge replies to arbitrary DNS address / pointer queries
             on the Local Area Network.
 * dsniff    - password sniffer for several protocols.
 * filesnarf - saves selected files sniffed from NFS traffic.
 * macof     - flood the local network with random MAC addresses.
 * mailsnarf - sniffs mail on the LAN and stores it in mbox format.
 * msgsnarf  - record selected messages from different Instant Messengers.
 * sshmitm   - SSH monkey-in-the-middle. proxies and sniffs SSH traffic.
 * sshow     - SSH traffic analyser.
 * tcpkill   - kills specified in-progress TCP connections.
 * tcpnice   - slow down specified TCP connections via "active"
             traffic shaping.
 * urlsnarf  - output selected URLs sniffed from HTTP traffic in CLF.
 * webmitm   - HTTP / HTTPS monkey-in-the-middle. transparently proxies.
 * webspy    - sends URLs sniffed from a client to your local browser
             (requires libx11-6 installed).

Linux: How to kill a TCP connection using netstat?

You cannot kill a TCP connection using the netstat utility. netstat is used for:

  • Display network connections
  • Routing tables
  • Interface statistics
  • Masquerade connections
  • Multicast memberships
  • And much more

However, Linux supports two other commands or utilities that can be used to kill a TCP connection.

tcpkill command

Use the tcpkill command to kill specified in-progress TCP connections. It is useful for libnids-based applications, which require a full TCP three-way handshake (3-whs) for TCB creation.

Syntax:

tcpkill -i eth0 { expression }

Examples:

(a) Kill all outgoing ftp (port 21) connections:

tcpkill -i eth0 port 21

(b) Kill all TCP connections with packets arriving at or departing from host 192.168.1.2 (host12.nixcraft.com):

tcpkill host 192.168.1.2

OR

tcpkill host host12.nixcraft.com

(c) To kill all TCP connections between 192.168.1.2 and any host except 192.168.1.111, type the following:

tcpkill ip host 192.168.1.2 and not 192.168.1.111

Since tcpkill expressions are based on the tcpdump command's filter expressions, it is recommended that you read the tcpdump documentation on options, expressions and examples.
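An added example (not from the original article or the dsniff project): a Python dry run that evaluates the three expressions above against a constructed connection list, so you can see which connections an expression selects before handing it to tcpkill. It implements only a subset of pcap filter syntax (host, port, and/or/not evaluated left to right); the sample addresses and the function names are assumptions.

```python
import ipaddress

# Constructed sample: (local_ip, local_port, peer_ip, peer_port), as `ss -tn` lists them.
SAMPLE_CONNS = [
    ("192.168.1.2", 40112, "203.0.113.7", 21),
    ("192.168.1.2", 51514, "192.168.1.111", 22),
    ("192.168.1.50", 33444, "192.168.1.2", 80),
    ("192.168.1.50", 41000, "198.51.100.9", 443),
]

def _primitive(kind, value, conn):
    """True if `port N` or `host A` matches either end of the connection."""
    src, sport, dst, dport = conn
    if kind == "port":
        return int(value) in (sport, dport)
    # No DNS lookups here: hostnames and typos raise ValueError instead of matching.
    addr = ipaddress.ip_address(value)
    return addr in (ipaddress.ip_address(src), ipaddress.ip_address(dst))

def matches(expr, conn):
    """Evaluate a subset of pcap filter syntax against one connection."""
    result, op, negate = None, "and", False
    kind = "host"  # pcap assumes `host` when no type qualifier is given
    for tok in expr.split():
        if tok in ("ip", "tcp"):   # protocol qualifiers: every sample is TCP over IPv4
            continue
        if tok in ("and", "or"):
            op = tok
        elif tok == "not":
            negate = not negate
        elif tok in ("host", "port"):
            kind = tok             # later bare values inherit this qualifier
        else:
            hit = _primitive(kind, tok, conn) != negate
            if result is None:
                result = hit
            elif op == "and":
                result = result and hit
            else:
                result = result or hit
            op, negate = "and", False  # juxtaposed primitives mean `and`
    if result is None:
        raise ValueError("empty expression")
    return result

def would_kill(expr, conns=SAMPLE_CONNS):
    """Return the connections an expression selects, without touching the network."""
    return [c for c in conns if matches(expr, c)]
```

In example (c) the bare `192.168.1.111` inherits the `host` qualifier, so only the connection to that address is excluded.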

cutter command

Cutter is an open source program that allows Linux firewall administrators to abort TCP/IP connections routed over a Linux-based firewall. It works only on a Linux router. We have already covered examples of cutter here.