Re: Detecting a sniffer (fwd)

[fc () all net (Dr. Frederick B. Cohen)]

Forwarded message:
> From fc Thu May  4 10:47:34 1995
Subject: Re: Detecting a sniffer
To: perry () imsi com
Date: Thu, 4 May 1995 10:47:34 -0400 (EDT)
In-Reply-To: <9505041405.AA27736 () snark imsi com> from "Perry E. Metzger" at May 4, 95 10:05:57 am
X-Mailer: ELM [version 2.4 PL22]
Content-Type: text
Content-Length: 965       

> Dr. Frederick B. Cohen says:
> > Incorrect - you can detect a sniffer - but it's not cheap.
>
> Tell us how, Oh Great One.

It's called a lot of hard work.  You start by examining all hardware
and software, ... you get the idea?  Now if you are proficient, you
can do this for only a few days and a few thousand dollars per typical
room in an office complex, in other words, as much as replacing the
whole computing facility.

There are a number of techniques that require less work but are less
perfect.


-- 
-----------------
\Management  /\/| 216-686-0090 - PO Box 1480, Hudson, OH 44236
 \        /\/   | Check out info-security heaven and test your system
  \/\  /\/      | for known vulnerabilities (1st time for free) at URL:
     \/Analytics| (scans deeper than SATAN or ISS)  http://all.net:8080
-----------------
   Read "Protection and Security on the Information Superhighway"
   John Wiley and Sons, 1995 ISBN 0-471-11389-1, 320 pp, $24.95



-- 
-----------------
\Management  /\/| 216-686-0090 - PO Box 1480, Hudson, OH 44236
 \        /\/   | Check out info-security heaven and test your system
  \/\  /\/      | for known vulnerabilities (1st time for free) at URL:
     \/Analytics| (scans deeper than SATAN or ISS)  http://all.net:8080
-----------------
   Read "Protection and Security on the Information Superhighway"
   John Wiley and Sons, 1995 ISBN 0-471-11389-1, 320 pp, $24.95