Re: sniffer/promisc detector

[haesu () towardex com]

> PS. Sniffer... there are not any way to detect sniffer in the non-switched
> network, and there is not much use for sniffer in switched network, if this
> network is configured properly and is watched for the unusial events.

        depends on brand and model of switch

        $ portinstall dsniff
        $ man macof

-J (and yes, the thread topic is about ways for _watching_ "the unusual events" aka sniffing)

> > > The real smart ones - professionals - won't attack unless there's a
> chance
> > > of a serious payback.  This excludes most businesses, and makes anything
> > > but a well-known script-based attack a very remote possibility.
> >
> > that's just not so.  ask me about it in person and i might tell you
> stories.
> > > For most other people a trivial packet-filtering firewall, lack of
> > > Windoze, and a switch instead of a hub will do just fine.
> >
> > this part, i agree with.
> > -- 
> > Paul Vixie

-- 
James Jun (formerly Haesu)
TowardEX Technologies, Inc.
1740 Massachusetts Ave.
Boxborough, MA 01719
Consulting, IPv4 & IPv6 colocation, web hosting, network design & implementation
http://www.towardex.com  | james () towardex com
Cell: (978)394-2867      | Office: (978)263-3399 Ext. 170
Fax: (978)263-0033       | AIM: GigabitEthernet0
NOC: http://www.twdx.net | POC: HAESU-ARIN, HDJ1-6BONE