Full Disclosure mailing list archives
Re: Caching a sniffer
From: eflorio () edmaster it
Date: 11 Mar 2004 13:53:34 -0000
Try this..... http://www.securityfriday.com/ToolDownload/PromiScan/promiscan_doc.html It tries to detect promisc. mode interface on your LAN using special ARP packets. Anyway you must detect if attacker is using : - promiscuous mode simple packet sniffer - arp poisoning \"man-in-the-middle\" sniffing (look at ettercap....) EF
----- Original Message ----- From: \"David Vincent\" <david.vincent () mightyoaks com> To: <full-disclosure () lists netsys com> Sent: Thursday, March 11, 2004 6:51 AM Subject: RE: [Full-disclosure] Caching a sniffer
How can i know if there a sniffer running in my network?
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Current thread:
- RE: Caching a sniffer, (continued)
- RE: Caching a sniffer Justin Baldini (Mar 12)
- Re: Caching a sniffer Bob Radvanovsky (Mar 11)
- Re: Caching a sniffer Ian Latter (Mar 10)
- Re: Caching a sniffer Cael Abal (Mar 10)
- RE: Caching a sniffer David Vincent (Mar 10)
- Re: Caching a sniffer Lan Guy (Mar 11)
- Re: Caching a sniffer Ian Latter (Mar 10)
- RE: Caching a sniffer Motiwala, Yusuf (Mar 11)
- RE: Caching a sniffer Dave Horsfall (Mar 11)
- RE: Caching a sniffer Motiwala, Yusuf (Mar 11)
- Re: Caching a sniffer eflorio (Mar 11)
- RE: Caching a sniffer RMcElroy (Mar 11)