Ettercap

from Wikipedia, the free encyclopedia
Screenshot: Ettercap in ncurses mode

Basic data

Initial release: January 25, 2001
Current version: 0.8.3.1 (August 1, 2020)
Operating system: various Unix derivatives, macOS and Windows
Programming language: C
Category: Network analysis
License: GPL (Free Software)
Available in German: No
Website: ettercap.github.io/ettercap/

Ettercap is free software for carrying out man-in-the-middle attacks. It supports IP-based and ARP-based sniffing, real-time control over connections even in switched networks, content-based filtering, and both active and passive analysis of individual hosts and entire networks.

Ettercap is available for Linux, the BSD derivatives, Solaris, macOS and Windows.

In addition to plain console use, an ncurses front end and a GTK2 GUI are available as user interfaces. For specialized, time-consuming attacks that do not depend on user interaction, Ettercap can also be started in so-called daemon mode, in which the program runs in the background and carries out the activities specified by shell parameters. One example is the automatic logging of user names and passwords from the entire network to a central file (supported protocols include HTTP, HTTPS, ICQ, POP3, IMAP, SMB, Q3A, Oracle, MySQL and SMTP).

Although it is officially a security program, many companies consider it extremely dangerous, unlike some other similar programs. Websense Inc., for example, permanently restricts access to the Ettercap home page.

Ettercap also works very well in conjunction with other sniffers, such as rake: Ettercap redirects the network traffic (e.g. with ARP spoofing) to the interface of the attacker, who can then sniff it with rake and forward it.
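How the ARP-based redirection described above looks from the defender's side, as an added example that is not part of the original article: when traffic is redirected to one interface, that interface's MAC address starts answering for IP addresses that previously mapped to other MACs. The log format, the function names and all addresses below are assumptions constructed for this illustration.

```python
from collections import defaultdict

# Constructed sample: ARP replies observed on one segment, one per line,
# as "time sender_ip sender_mac". All values are made up for this example.
SAMPLE_ARP_REPLIES = """\
10:00:01 192.168.1.1 00:11:22:33:44:01
10:00:02 192.168.1.20 00:11:22:33:44:20
10:00:03 192.168.1.66 00:11:22:33:44:66
10:05:10 192.168.1.1 00:11:22:33:44:66
10:05:10 192.168.1.20 00:11:22:33:44:66
10:05:12 192.168.1.1 00:11:22:33:44:66
"""


def parse_replies(text):
    """Yield (time, ip, mac) tuples, skipping blank or malformed lines."""
    for line in text.splitlines():
        parts = line.split()
        if len(parts) == 3:
            yield parts[0], parts[1], parts[2].lower()


def detect_arp_spoofing(text):
    """Return (rebinds, multi_ip_macs) for a log of observed ARP replies.

    rebinds: (time, ip, first_seen_mac, new_mac), reported once per change.
    multi_ip_macs: MACs that answered for more than one IP address.
    Assumption: the first binding seen for an IP is treated as the baseline.
    """
    first_mac = {}                 # ip -> first MAC seen for it
    claimed = defaultdict(set)     # mac -> every IP it has answered for
    rebinds, reported = [], set()
    for ts, ip, mac in parse_replies(text):
        baseline = first_mac.setdefault(ip, mac)
        if mac != baseline and (ip, mac) not in reported:
            reported.add((ip, mac))
            rebinds.append((ts, ip, baseline, mac))
        claimed[mac].add(ip)
    multi = {m: sorted(ips) for m, ips in claimed.items() if len(ips) > 1}
    return rebinds, multi


if __name__ == "__main__":
    rebinds, multi = detect_arp_spoofing(SAMPLE_ARP_REPLIES)
    for ts, ip, old, new in rebinds:
        print(f"{ts} {ip} moved from {old} to {new}")
    for mac, ips in multi.items():
        print(f"{mac} answers for {', '.join(ips)}")
```

Both signals also occur legitimately (DHCP lease reuse, replaced network cards, failover pairs, proxy ARP), so they are best treated as leads to check against a known-good address inventory.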

References

  1. Release 0.8.3.1. August 1, 2020 (accessed August 2, 2020).