Like most of us, I use a number of FTP sites in the course of my daily work. I use FileZilla: I have a U3-compatible version on my USB thumb drive, and the "regular" client installed just about everywhere else.

FileZilla, like most clients, has an address book in which you can store connection information, including usernames and (optionally) passwords. On my thumb drive and home clients I do store the passwords, and I typically also create a SplashID entry in my primary password keeper. I sync SplashID to my phone, or I used to, until a combination of Vista, Windows Mobile 6, and Vista's new replacement for ActiveSync, now called Windows Mobile Device Center, rendered syncing unworkable. (Story for another post!)

I recently needed to communicate the username and password for an FTP login to someone else. Without access to my stored passwords, and due to my inability to remember 38,359 passwords off the top of my head, I was out of luck. Until I remembered Microsoft Network Monitor!

I fired up NetMon and created a new Capture Tab as shown:

netmon01

Then in the Display Filter I entered a filter expression that consisted of the destination address I wanted to capture traffic going to, and the protocol I was interested in, in this case FTP.

(The latest versions of NetMon have IntelliSense for filters built in, which makes writing filters much easier. Not using a filter means you would have to wade through several hundred to a few thousand lines of captured traffic on a typical network.)

netmon02

Then I fired up my FTP client, switched back to Network Monitor, started the capture, switched back to the FTP client and initiated a connection. Once the connection was complete, I switched back to Network Monitor and stopped the capture, and there was my password!

netmon03

Now this works best if it is a non-encrypted connection, although, having not tried it with an SSH connection, I am not sure if it would not work there as well.
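The password shows up in the capture because plain FTP sends `USER` and `PASS` as text on the control channel. As an added example (not part of the original post), the Python below audits a control-channel transcript for that exposure and reports only the password length; the session data, host name and function name are constructed for illustration.

```python
import re

# Constructed control-channel transcripts: (direction, line).
# "C" = sent by client, "S" = sent by server. Not real captures.
PLAIN_SESSION = [
    ("S", "220 ftp.example.test ready"),
    ("C", "USER alice"),
    ("S", "331 Password required for alice"),
    ("C", "PASS correct-horse-battery"),
    ("S", "230 User alice logged in"),
]
FTPS_SESSION = [
    ("S", "220 ftp.example.test ready"),
    ("C", "AUTH TLS"),
    ("S", "234 AUTH TLS successful"),
    # After 234 the control channel carries TLS records, opaque to a sniffer.
]

CMD = re.compile(r"^([A-Za-z]{3,4})(?: (.*))?$")

def audit_ftp_control(lines):
    """Return one finding per PASS command seen in cleartext (hypothetical helper)."""
    findings = []
    auth_pending = False  # client sent AUTH, waiting for the server's reply
    user = None
    for direction, text in lines:
        if direction == "S":
            # 234 accepts the AUTH request (RFC 4217); everything after is encrypted.
            if auth_pending and text.startswith("234"):
                break
            auth_pending = False  # AUTH refused or unrelated reply: still cleartext
            continue
        m = CMD.match(text.strip())
        if not m:
            continue
        verb, arg = m.group(1).upper(), m.group(2) or ""
        if verb == "AUTH":
            auth_pending = True
        elif verb == "USER":
            user = arg
        elif verb == "PASS":
            # Record the exposure without echoing the secret itself.
            findings.append({"user": user, "password_length": len(arg), "cleartext": True})
    return findings
```

Run against a session where the server refuses `AUTH TLS` and the client falls back to a plain login, the audit still flags the exposure.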

There are dozens of good network sniffers and packet capture utilities out there; I use NetMon and Wireshark as my two standbys. NetMon I use for day-to-day captures when I am diagnosing web services traffic or local network issues. Wireshark I bring out when I need the "big guns": looking for intrusion or other wide-area issues, like traffic trends, etc.

Cheers,

Robert Porter


 