[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Full-Disclosure] Caching a sniffer

To: david.vincent@xxxxxxxxxxxxxx
Subject: Re: [Full-Disclosure] Caching a sniffer
From: eflorio@xxxxxxxxxxx
Date: 11 Mar 2004 13:53:34 -0000

Try this.....

http://www.securityfriday.com/ToolDownload/PromiScan/promiscan_doc.html

It tries to detect promisc. mode interface on your LAN
using special ARP packets.

Anyway you must detect if attacker is using :
- promiscuous mode simple packet sniffer
- arp poisoning \"man-in-the-middle\" sniffing (look at ettercap....)

EF

>----- Original Message ----- 
>From: \"David Vincent\" <david.vincent@xxxxxxxxxxxxxx>
>To: <full-disclosure@xxxxxxxxxxxxxxxx>
>Sent: Thursday, March 11, 2004 6:51 AM
>Subject: RE: [Full-Disclosure] Caching a sniffer

>
> How can i know if there a sniffer running in my network?


_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

Prev by Date: Re: Browser security was Re: [Full-Disclosure] MDKSA-2004:021 - Updated mozilla packages fix multiple vulnerabilities
Next by Date: [Full-Disclosure] Off-topic (was Meth and hacking?)
Previous by thread: RE: [Full-Disclosure] Caching a sniffer
Next by thread: RE: [Full-Disclosure] Caching a sniffer
Index(es):
- Date
- Thread