Security Basics mailing list archives
RE: Caching a sniffer
From: "David Gillett" <gillettdavid () fhda edu>
Date: Tue, 23 Mar 2004 10:12:27 -0800
I'm aware of SPAN, of course. I use it routinely to *enable* sniffing, not PREVENT it. (I took "Caching" to be an obvious misspelling of "Catching" -- was that my mistake?) What I don't see is how it can be described as "disable all it's port to allow promiscuous mode across the network", which sounds like maybe it means a switch command to either prevent client devices from going into promiscuous mode, or shut down the switch ports of clients who do. If such a command existed, it would be a great way to prevent users from sniffing each other's traffic, but I don't believe it does. David Gillett
-----Original Message----- From: Shawn Jackson [mailto:sjackson () horizonusa com] Sent: Tuesday, March 23, 2004 9:49 AM To: gillettdavid () fhda edu; ksaenz () spinaweb com au Cc: security-basics () securityfocus com Subject: RE: Caching a snifferCould you, for instance, give the Cisco command(s) which dowhat you'retrying to describe?It's called Port Mirroring or SPAN. http://www.cisco.com/warp/public/473/41.html. Almost all (good) switches have that functionality, you just need to find it. CAT1900 Example http://www.effetech.com/help/cisco-span.htm Shawn Jackson Systems Administrator Horizon USA 1190 Trademark Dr #107 Reno NV 89521 www.horizonusa.com Email: sjackson () horizonusa com Phone: (775) 858-2338 (800) 325-1199 x338
--------------------------------------------------------------------------- Ethical Hacking at the InfoSec Institute. Mention this ad and get $545 off any course! All of our class sizes are guaranteed to be 10 students or less to facilitate one-on-one interaction with one of our expert instructors. Attend a course taught by an expert instructor with years of in-the-field pen testing experience in our state of the art hacking lab. Master the skills of an Ethical Hacker to better assess the security of your organization. Visit us at: http://www.infosecinstitute.com/courses/ethical_hacking_training.html ----------------------------------------------------------------------------
Current thread:
- [Full-Disclosure] Caching a sniffer; Re:, (continued)
- [Full-Disclosure] Caching a sniffer; Re: Tim (Mar 11)
- [Full-Disclosure] Caching a sniffer; Re: Eric LeBlanc (Mar 11)
- [Full-Disclosure] Caching a sniffer; Re: Kenton Smith (Mar 11)
- Re: Caching a sniffer Bob Radvanovsky (Mar 11)
- Re: Caching a sniffer Fernando Gont (Mar 17)
- Re: Caching a sniffer ksaenz (Mar 22)
- RE: Caching a sniffer David Gillett (Mar 23)
- Re: Caching a sniffer Fernando Gont (Mar 24)
- Re: Caching a sniffer ksaenz (Mar 22)
- RE: Caching a sniffer Chris Merkel (Mar 11)
- RE: Caching a sniffer Shawn Jackson (Mar 23)
- RE: Caching a sniffer David Gillett (Mar 24)
- Re: Caching a sniffer Patrick Toomey (Mar 24)
- RE: Caching a sniffer Shawn Jackson (Mar 24)
- RE: Caching a sniffer Burton M. Strauss III (Mar 25)
- RE: Caching a sniffer Fernando Gont (Mar 25)
- RE: Caching a sniffer Shawn Jackson (Mar 24)
- RE: Caching a sniffer David Gillett (Mar 24)
- RE: Caching a sniffer Fernando Gont (Mar 25)
- RE: Caching a sniffer David Gillett (Mar 25)
- RE: Caching a sniffer David Gillett (Mar 24)
- RE: Caching a sniffer Fernando Gont (Mar 25)
- RE: Caching a sniffer Shawn Jackson (Mar 25)