Man page for apt-get dsniff Command
This tutorial shows the man page for man dsniff in linux.
Open terminal with 'su' access and type the command as shown below:
Result of the Command Execution shown below:
dsniff password sniffer
dsniff [ c] [ d] [ m] [ n] [ i interface | p pcapfile] [ s snaplen] [ f services] [ t trigger[,...]]] [ r| w savefile] [expression]
dsniff is a password sniffer which handles FTP, Telnet, SMTP, HTTP, POP, poppass, NNTP, IMAP, SNMP, LDAP, Rlogin, RIP, OSPF, PPTP MS CHAP, NFS, VRRP, YP/NIS,
SOCKS, X11, CVS, IRC, AIM, ICQ, Napster, PostgreSQL, Meeting Maker, Citrix ICA, Symantec pcAnywhere, NAI Sniffer, Microsoft SMB, Oracle SQL*Net, Sybase and
Microsoft SQL protocols.
dsniff automatically detects and minimally parses each application protocol, only saving the interesting bits, and uses Berkeley DB as its output file for
mat, only logging unique authentication attempts. Full TCP/IP reassembly is provided by libnids(3).
I wrote dsniff with honest intentions to audit my own network, and to demonstrate the insecurity of cleartext network protocols. Please do not abuse this
c Perform half duplex TCP stream reassembly, to handle asymmetrically routed traffic (such as when using arpspoof(8) to intercept client traffic bound
for the local gateway).
d Enable debugging mode.
m Enable automatic protocol detection.
n Do not resolve IP addresses to hostnames.
Specify the interface to listen on.
Rather than processing the contents of packets observed upon the network process the given PCAP capture file.
Analyze at most the first snaplen bytes of each TCP connection, rather than the default of 1024.
Load triggers from a services file.
Load triggers from a comma separated list, specified as port/proto=service (e.g. 80/tcp=http).
Read sniffed sessions from a savefile created with the w option.
Write sniffed sessions to savefile rather than parsing and printing them out.
Specify a tcpdump(8) filter expression to select traffic to sniff.
On a hangup signal dsniff will dump its current trigger table to dsniff.services.
Default trigger table
Network protocol magic
arpspoof(8), libnids(3), services(5), magic(5)
dsniff's automatic protocol detection feature is based on the classic file(1) command by Ian Darwin, and shares its historical limitations and bugs.