Full Disclosure mailing list archives
Re: Caching a sniffer
From: Cael Abal <lists2 () onryou com>
Date: Thu, 11 Mar 2004 00:19:22 -0500
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Ian Latter wrote:
While there's no way to be sure-sure ... you can get into your local LAN segment and send ICMP(/whatever) requests to the correct L3 address with the wrong L2 address and see if you get a response; this will show you if hosts/devices are listening promiscuously (which makes for a good starting point).
Not necessarily? I thought that depended on the ip stack implementation. Cael -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.4 (MingW32) iD8DBQFAT/baR2vQ2HfQHfsRAgZ0AJ46xhi8rNDXAt5TIHUZL2Il/Lil1gCfeGsE GiGW9xeSwCMYgGPl1JvLwNE= =nLkQ -----END PGP SIGNATURE----- _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Current thread:
- Re: Caching a sniffer, (continued)
- Re: Caching a sniffer Eric LeBlanc (Mar 11)
- Re: Caching a sniffer Simon Richter (Mar 11)
- Re: Caching a sniffer Kenton Smith (Mar 11)
- RE: Caching a sniffer Mike Fratto (Mar 11)
- RE: Caching a sniffer Kenton Smith (Mar 11)
- RE: Caching a sniffer David Bartholomew (Mar 11)
- Re: Caching a sniffer Simon Richter (Mar 12)
- RE: Caching a sniffer Justin Baldini (Mar 12)
- RE: Caching a sniffer Mike Fratto (Mar 11)
- Re: Caching a sniffer Cael Abal (Mar 10)
- Re: Caching a sniffer Lan Guy (Mar 11)
- RE: Caching a sniffer Dave Horsfall (Mar 11)