Security Incidents mailing list archives
Why can I see other traffic at switch environment just tcpdump?
From: "SB CH" <chulmin2 () hotmail com>
Date: Tue, 08 Oct 2002 06:08:32 +0000
Hello, all I have operated linux server at switch environment,and just with tcpdump, I can see some other traffic whic is not related with me without any other tool or trick.
it means that I can sniff traffic without special sniffing tool at the switch , right? is it possible?
but it's ture.for example,
# tcpdump port 8015:03:42.681171 eth0 P 211.47.130.114.1131 > 211.47.1.55.www: S my system has no relations with 211.47.130.114 or 211.47.1.55.
just switch connected together with 211.47.1.55. Thanks in advance. _________________________________________________________________클릭하면 나만의 광고가 뜹니다. 검색 키워드 광고 문의 http://www.msn.co.kr/search/keywordshop
---------------------------------------------------------------------------- This list is provided by the SecurityFocus ARIS analyzer service.For more information on this free incident handling, management and tracking system please see: http://aris.securityfocus.com
Current thread:
- Why can I see other traffic at switch environment just tcpdump? SB CH (Oct 08)
- Re: Why can I see other traffic at switch environment just tcpdump? Kelly Martin (Oct 08)
- RE: Why can I see other traffic at switch environment just tcpdump? Rob Shein (Oct 09)
- Re: Why can I see other traffic at switch environment just tcpdump? Darryl Luff (Oct 09)
- Re: Why can I see other traffic at switch environment just tcpdump? Kelly Martin (Oct 08)