Taranis Released - (08/04/01)

Taranis is a tool to demonstrate the necessity of strong cryptography and authentication on local ethernet networks. Taranis will steal username / password pairs by redirecting traffic intended for the POP or IMAP server to the host running Taranis. Once this is achieved, the login information is saved to a file. Full information is available in the README file. I just received a spanish translation of the Phrack article from v1k1ng0 at softhome dot net Read it here You can also check out the presentation I am doing at BlackHat Windows in New Orleans. In MS PowerPoint format: Taranis.ppt List of tested switches and results, please email info to jwilkins@bitland.net if you test any hardware not listed. Switch Behavior LinkSys EZXS88W Last Packet Updates 3Com SuperStack II/1100 Last Packet Updates Cisco 2900 MXL and 2900 XL (Port Security Off [default]) Timeout (~30 Seconds) Cisco 2900 MXL and 2900 XL (Port Security On) Traffic redirected on reboot or cable disconnect Hewlett Packard ProCurve Switch 2424M Last Packet Updates

Thanks

Jesse < jesse@bitland.org> - Original idea and brainstorming Skyper < skyper@segfault.org> - Tons of help with testing (3Com & Cisco) Ed < ed@apache.org> - Access to HP switch

Download Taranis

taranis-0.84.tar.gz