User data
Peter Van Epp
vanepp at sfu.ca
Thu Mar 1 11:31:05 EST 2001
<snip>
>
> Anyway, to the problem. Ftp works fine but does anyone know how much
> data one has to grab to get passed the setup negotiations? 200
> chars isn't enough.
>
> Russell Fulton, Computer and Network Security Officer
> The University of Auckland, New Zealand
>
I'd expect it to be quite long (the IWILLs and IWONTs of the telnet
option negotiation go on for a long time as I recall). A full tcpdump of
a session and count is probably your best bet since I'm going from memory
of the last telnet session I decoded from a sniffer trace. All three of our
sniffers are currently in use or I'd drag up a saved capture and look.
Another thing to do would be snag a root kit and look at the source
for the telnet password snarfing routine in it (not that I know where to get
source for a root kit mind you ...).
Peter Van Epp / Operations and Technical Support
Simon Fraser University, Burnaby, B.C. Canada
More information about the argus
mailing list