IDS mailing list archives
Re: Counter detect Network Sniffer
From: "gatekeeper" <gatekeeper () globenet com ph>
Date: Tue, 2 Mar 2004 08:05:49 +0800
Non-promiscuous or promiscuous it is still called a sniffer.
they're not going to see anything they don't participate in.
So what? It is good enough to install a sniffer on a box and see what traffic flows through it (non-promisc) ...... a skillful hacker would still be able to do a lot of damage. Being able to sniff everything else (promisc) is just a bonus ....... well, I think it would only help the not-so-skillful-hacker ;-) regards, jun g. "hiding in plain sight" ----- Original Message ----- From: "Rob Shein" <shoten () starpower net> To: "'gatekeeper'" <gatekeeper () globenet com ph>; <focus-ids () securityfocus com> Sent: Monday, March 01, 2004 12:17 PM Subject: RE: Counter detect Network Sniffer
If the sniffer is running like this, they're not going to see anything
they
don't participate in. It's not a sniffer if they aren't in promiscuous mode.-----Original Message----- From: gatekeeper [mailto:gatekeeper () globenet com ph] Sent: Tuesday, February 24, 2004 2:24 AM To: focus-ids () securityfocus com Subject: Re: Counter detect Network Sniffer Hi, It may also not work if sniffer was ran non-promiscuously (i.e. snoop -P)? Is there a way to detect such sniffers? Thanks. jun g. "hiding in plain sight"--------------------------------------------------------------------------
-
Free 30-day trial: firewall with virus/spam protection, URL filtering,
VPN,
wireless security Protect your network against hackers, viruses, spam and other risks with
Astaro
Security Linux, the comprehensive security solution that combines six applications in one software solution for ease of use and lower total cost
of
ownership. Download your free trial at http://www.securityfocus.com/sponsor/Astaro_focus-ids_040301 --------------------------------------------------------------------------
-
--------------------------------------------------------------------------- Free 30-day trial: firewall with virus/spam protection, URL filtering, VPN, wireless security Protect your network against hackers, viruses, spam and other risks with Astaro Security Linux, the comprehensive security solution that combines six applications in one software solution for ease of use and lower total cost of ownership. Download your free trial at http://www.securityfocus.com/sponsor/Astaro_focus-ids_040301 ---------------------------------------------------------------------------
Current thread:
- RE: Counter detect Network Sniffer Rob Shein (Mar 01)
- Re: Counter detect Network Sniffer Vel (Mar 01)
- Re: Counter detect Network Sniffer Tillman Hodgson (Mar 01)
- RE: [inbox] Re: Counter detect Network Sniffer Curt Purdy (Mar 01)
- RE: [inbox] Re: Counter detect Network Sniffer Rob Shein (Mar 01)
- RE: [inbox] Re: Counter detect Network Sniffer Curt Purdy (Mar 01)
- Re: Counter detect Network Sniffer Tod Beardsley (Mar 02)
- RE: [inbox] Re: Counter detect Network Sniffer Rob Shein (Mar 02)
- Re: [inbox] Re: Counter detect Network Sniffer Thomas Ptacek (Mar 01)
- Re: Counter detect Network Sniffer Vel (Mar 01)
- Re: Counter detect Network Sniffer Sandro Melo (Mar 02)
- <Possible follow-ups>
- Re: Counter detect Network Sniffer Mike Frantzen (Mar 01)