Kripp for Linux is a very simple and extremely light-weight network passwords sniffer written in Perl, which uses only the tcpdump utility as an underlying traffic interceptor. Can sniff and display ICQ, AIM TOC, FTP, HTTP, CVS and POP3 passwords. So, naturally, you will need tcpdump in order to make this work. Usually, it's available in the majority of distributions on all the POSIX compatible operating systems. Make sure you have tcpdump on your PATH. In order to catch as much passwords as possible, you should run the program from the root account (otherwise it won't work) on machines serving as gateways, or in a network made with a help of a HUB device which makes the whole traffic visible for all the workstations on local net. Though it's possible to run the script on a single computer, if you need to find out passwords of those who work with the net from it.