Security Basics mailing list archives
Re: A Solution for sniffing
From: "Sumit Dhar" <ml_dhar () yahoo com>
Date: Thu, 4 Jan 2001 15:32:58 +0530
I think i am being sniffed by somone on my network, and i was wondering.
is
there an application to check wether i am being sniffed or not, and if i
There are applications like AntiSniff that seek to find out if someone on the network is carrying out sniffing. But these cannot give you guaranteed results. I played around a little with AntiSniff but the results were not that great.
From the tone of your mail, I am assuming it is a malicious user and not an
administrator with permissions who is performing this sniffing. If you are using a hub then I dont think there is too much you can do. But if you are using a switch, it is possible that the user might have to perform ARP Spoofing. Try and detect cases of ARP Spoofing on the network. You can use ARP Watch for that. If you have Snort running on the network, it too can detect such cases. Usually the sniffer will try and ARP Spoof the gateway. Hard code the MAC address of the Gateway on your machine using the /etc/ethers file. Install ARP Watch on your machine too.
was, how can i fix that ?(like PGP for mail, what about other protocols)
Use encryption. HTTPS/SSL have the advantage of being very *HARD* to sniff. Also if you are using hubs, it might be a good idea to switch to switches. If you are interested, there is a brief document I had written on topic of Sniffers that might be of use to you. It is available at http://www.rootshell.be/~dhar/downloads/Sniffers.pdf Hope this helps!! With Regards, Sumit Dhar http://www.rootshell.be/~dhar
Current thread:
- A Solution for sniffing fadi (Dec 17)
- Re: A Solution for sniffing Jeff (Dec 18)
- RE: A Solution for sniffing Ian Lyte (Dec 18)
- Windows 2k Sniffer Detection Ian Lyte (Dec 19)
- Re: Windows 2k Sniffer Detection Gene (Dec 20)
- Windows 2k Sniffer Detection Ian Lyte (Dec 19)
- Re: A Solution for sniffing Mattias Hedenskog (Dec 18)
- Re: A Solution for sniffing Sumit Dhar (Dec 18)
- Re: A Solution for sniffing Matti Haack (Dec 18)
- Re: A Solution for sniffing phani (Dec 18)
- Re: A Solution for sniffing Alberto Cozer (Dec 19)
- Re: A Solution for sniffing Peter Letford (Dec 19)
- Re: A Solution for sniffing Aydin Kocas (Dec 19)
- Re: A Solution for sniffing Joe H. (Dec 20)
- Re: A Solution for sniffing Aydin Kocas (Dec 19)
- <Possible follow-ups>
- RE: A Solution for sniffing Bruce.Orcutt (Dec 18)
- RE: A Solution for sniffing David (Dec 19)
- RE: A Solution for sniffing Jason Kohles (Dec 20)
- RE: A Solution for sniffing David (Dec 19)
- Re: A Solution for sniffing brien mac (Dec 18)
(Thread continues...)