Well, if there's sensitive information being exchanged, some of the tools in the dsniff package should be able to find it. http://www.monkey.org/~dugsong/dsniff/ Comes with man-in-the-middle attack tools for ssh1 and SSL too. Fun. Jay > -----Original Message----- > From: Bob Tanner [mailto:tanner at real-time.com] > Sent: Monday, April 02, 2001 9:31 PM > To: tclug-list at mn-linux.org > Subject: [TCLUG] Network sniffing under Linux and TLS > > > I am working on LDAP using TLS and I want to sniff my network > to make absolutely > sure nothing is every exchanged with the ldap server in clear text. > > I have tried several tools, each seems to have a strength, > but none of them are > "simple". The tools I have used are tcpdump, snoop, sniffit, ethereal. > > I just want to sniff all traffic between hostA and hostB on > port 389 and 636, > which tool is best for this simple task? > > I'd like to see it like hostA tries to connect on port 389 with SSL. > Then hostB responds to use port 636. > etc.. > > The communication exchange... > > -- > Bob Tanner <tanner at real-time.com> | Phone : (952)943-8700 > http://www.mn-linux.org | Fax : (952)943-8500 > Key fingerprint = 6C E9 51 4F D5 3E 4C 66 62 A9 10 E5 35 85 39 D9 > > _______________________________________________ > tclug-list mailing list > tclug-list at mn-linux.org > https://mailman.mn-linux.org/mailman/listinfo/tclug-list >