Security Basics mailing list archives
Re: Detect Network Sniffing
From: Eric Kollmann <xnih13 () gmail com>
Date: Tue, 8 Nov 2011 14:01:15 -0700
Try 2 in plain text format this time... Shameless plug for an old program I wrote, windows only, needs winpcap, hasn't been updated in 3 or more years: http://myweb.cableone.net/xnih/download/sam.zip It was actually designed to do OS fingerprinting by ARP packets, though one of the side things I found was that I could detect systems running in promiscous mode. 2 links I have in my notes for detecting systems in promiscous mode are here: http://www.securityfriday.com/promiscuous_detection_01.pdf http://www.nta-monitor.com/wiki/index.php/Arp-scan_User_Guide#Detecting_Promiscuous_Mode_Interfaces Not sure if both are still good links and I'm too lazy to check right now. So if you are on the same segment, by using ARP packets you can tell if a system is in promisicous and can tell if it is windows or linux, but as others have noted, this will only tell you about your current network. If there is a span port on the router or if your ISP is doing something there really isn't any way you are going to be able to detect this. ------------------------------------------------------------------------ Securing Apache Web Server with thawte Digital Certificate In this guide we examine the importance of Apache-SSL and who needs an SSL certificate. We look at how SSL works, how it benefits your company and how your customers can tell if a site is secure. You will find out how to test, purchase, install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for set-up are highlighted to help you ensure efficient ongoing management of your encryption keys and digital certificates. http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442f727d1 ------------------------------------------------------------------------
Current thread:
- Detect Network Sniffing Dagni McPhee (Nov 08)
- Re: Detect Network Sniffing Kenneth Walling (Nov 08)
- Re: Detect Network Sniffing Rob Hughes (Nov 08)
- Re: Detect Network Sniffing Eric Kollmann (Nov 08)
- Re: Detect Network Sniffing Kurt Buff (Nov 08)
- Re: Detect Network Sniffing Todd Haverkos (Nov 08)
- Re: Detect Network Sniffing Kenneth Walling (Nov 08)
- RE: Detect Network Sniffing David Gillett (Nov 08)
- Re: Detect Network Sniffing phillip () bailey st (Nov 08)
- RE: Detect Network Sniffing David Gillett (Nov 09)
- Re: Detect Network Sniffing Adam Mooz (Nov 08)
- RE: Detect Network Sniffing David Gillett (Nov 09)
- <Possible follow-ups>
- Re: Detect Network Sniffing krymson (Nov 14)