Security Basics mailing list archives
RE: arpwatch
From: "zidan" <zidan00 () fastmail fm>
Date: Sun, 14 Sep 2003 01:06:26 -0800
Tony, I tried requesting unknown IP addresses and arpwatch didn't detect it. arpwatch only detects the replies. the thing is, I have no monitoring port or special vlans, and when I try sniffing network traffic in TCP/UDP level, I get nothing. so I assume there is no leak. I don't think arpwatch is using arp posinoning to detect those stations... I still can't figure out how it works. -Z -- zidan zidan00 () fastmail fm -- http://www.fastmail.fm - I mean, what is it about a decent email service? --------------------------------------------------------------------------- Captus Networks Are you prepared for the next Sobig & Blaster? - Instantly Stop DoS/DDoS Attacks, Worms & Port Scans - Precisely Define and Implement Network Security - Automatically Control P2P, IM and Spam Traffic FIND OUT NOW - FREE Vulnerability Assessment Toolkit http://www.captusnetworks.com/ads/42.htm ----------------------------------------------------------------------------
Current thread:
- Logical access controle to network segments and boxes, (continued)
- Logical access controle to network segments and boxes MeaCulpa (Sep 11)
- Re: Logical access controle to network segments and boxes Tim Syratt (Sep 11)
- Logical access controle to network segments and boxes MeaCulpa (Sep 11)
- Re: arpwatch Mikkel Christensen (Sep 11)
- RE: Arpwatch J. Oquendo (Sep 11)
- RE: Arpwatch zidan (Sep 11)
- Re: arpwatch zidan (Sep 11)
- RE: arpwatch Tony Kava (Sep 11)
- RE: arpwatch Tony Kava (Sep 11)
- RE: arpwatch Kim Oppalfens (Sep 12)
- Re: arpwatch B. McAninch (Sep 15)
- RE: arpwatch zidan (Sep 15)
- RE: arpwatch David Gillett (Sep 15)