A suite of components and libraries that can be used to sniff and log the activity inside a network, being able to prevent man-in-the-middle attacks.
- ettercap
- Version :0.8.2
- License :GPL
- OS :Windows All
- Publisher :ettercap Team
ettercap Description
Ettercap is a collection of libraries and tools that can work together in order to sniff live connections and dissect many protocols in order to overcome man-in-the-middle attacks.
It embeds a wide array of features that can analyze connections made within a network and report on the findings, so that the end-user is aware of such security breaches.
Typically, man-in-the-middle attacks occurs inside an unprotected network, with the attacker eavesdropping on various communication channels and purposely intercepting and scrambling the messages that are being sent between two or more parties.
The causes that lead to attacks are usually found in faulty certificates or unsecured authentication processes. Ettercap might be able to help you carry out an extensive forensic analysis that could pinpoint the issues leading to breaches inside the network.
The program consists of a suite of libraries, components and tools that target advanced users mostly, considering the complexity of the operations required in order to accommodate it on the system.
First and foremost, it needs to be compiled and for this purpose you can use CMake. Other mandatory prerequisites are libcap, libnet, openssl, libpthread, zlib and cURL.
If you’re having trouble working with it, you can turn to the built-in documentation that provides you with extensive help towards the installation and the usage of the program. Therefore, learning to experiment with it can be a guided process.
In a nutshell, Ettercap is a reliable suite that can be used inside a switched LAN, but features support for hubbed ones as well and can handle a variety of network protocols, even ciphered ones. It can also intercept and log events, which leads to a better understanding of what goes on inside your LAN.