Full Disclosure mailing list archives
Re: Caching a sniffer
From: Chris Adams <chris () improbable org>
Date: Wed, 10 Mar 2004 19:25:37 -0800
On Mar 10, 2004, at 13:13, Patricio Bruna V. wrote:
How can i know if there a sniffer running in my network?
You might catch someone sloppy with tricks like DNS resolution (send data with a hostname / IP and see who resolves it) or bugs in the way the sniffing host handles things like ARP resolution (search for antisniff if you want a tool which does this) - other than that, there's really no way to find a sniffer. Your best bet is to use strong encryption so it no longer matters if someone is sniffing traffic.
Chris
Attachment:
smime.p7s
Description:
Current thread:
- Caching a sniffer Patricio Bruna V. (Mar 10)
- Re: Caching a sniffer Gary E. Miller (Mar 10)
- Re: Caching a sniffer Dave Horsfall (Mar 10)
- Re: Caching a sniffer morning_wood (Mar 11)
- Re: Caching a sniffer Tim (Mar 10)
- Re: Caching a sniffer Chris Adams (Mar 10)
- Re: Caching a sniffer Eric LeBlanc (Mar 11)
- Re: Caching a sniffer Simon Richter (Mar 11)
- Re: Caching a sniffer Kenton Smith (Mar 11)
- RE: Caching a sniffer Mike Fratto (Mar 11)
- RE: Caching a sniffer Kenton Smith (Mar 11)
- RE: Caching a sniffer David Bartholomew (Mar 11)
- Re: Caching a sniffer Simon Richter (Mar 12)
- RE: Caching a sniffer Justin Baldini (Mar 12)
- RE: Caching a sniffer Mike Fratto (Mar 11)
- <Possible follow-ups>
- Re: Caching a sniffer Ian Latter (Mar 10)