To sniff FTP credentials between the Swiss bank and its London subsidiary, which tool would you use?

Enhance your knowledge as a Computer Hacking Forensic Investigator with the CHFI v11 Test. Use flashcards and multiple-choice questions, complete with hints and detailed explanations, to prepare effectively and ace your exam!

Multiple Choice

To sniff FTP credentials between the Swiss bank and its London subsidiary, which tool would you use?

Explanation:
In many FTP sessions, credentials travel in cleartext, so to capture them you need to place yourself in the path between the two hosts on the network. That's a classic man-in-the-middle (MITM) situation on a LAN, which is exactly what ARP-spoofing-based tools are built for. Ettercap specializes in performing MITM attacks on a local network, enabling you to intercept and sniff traffic between hosts and capture credentials like FTP usernames and passwords. Snort is an intrusion detection system that analyzes traffic and alerts on suspicious activity but doesn't actively intercept or capture credentials. AirSnort targets cracking WEP keys in wireless networks, which is not relevant here. RaidSniff is a generic packet-sniffing tool but does not provide the integrated MITM capabilities needed to place traffic under your control. So the best-fit tool for capturing FTP credentials in this scenario is Ettercap.

