[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Full-Disclosure] Caching a sniffer

To: full-disclosure <full-disclosure@xxxxxxxxxxxxxxxx>
Subject: Re: [Full-Disclosure] Caching a sniffer
From: Chris Adams <chris@xxxxxxxxxxxxxx>
Date: Wed, 10 Mar 2004 19:25:37 -0800

On Mar 10, 2004, at 13:13, Patricio Bruna V. wrote:

How can i know if there a sniffer running in my network?

You might catch someone sloppy with tricks like DNS resolution (send data with a hostname / IP and see who resolves it) or bugs in the way the sniffing host handles things like ARP resolution (search for antisniff if you want a tool which does this) - other than that, there's really no way to find a sniffer. Your best bet is to use strong encryption so it no longer matters if someone is sniffing traffic.

Chris

Attachment: smime.p7s
Description: S/MIME cryptographic signature

References:
- [Full-Disclosure] Caching a sniffer
  - From: Patricio Bruna V.

Prev by Date: Re: [Full-Disclosure] MDKSA-2004:021 - Updated mozilla packages fix multiple vulnerabilities
Next by Date: Re: [Full-Disclosure] Caching a sniffer
Previous by thread: Re: [Full-Disclosure] Caching a sniffer
Next by thread: Re: [Full-Disclosure] Caching a sniffer
Index(es):
- Date
- Thread