Security Basics: Re: Network sniffing on the wire

Nmap Security Scanner

Intro

Ref Guide

Install Guide

Download

Changelog

Book

Docs
Security Lists

Bugtraq

Basics

More
Security Tools

More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

Security Basics mailing list archives

Re: Network sniffing on the wire - managed switches

From: "Calvin Maready" <cmaready () co del-norte ca us>
Date: Mon, 29 Dec 2008 08:12:09 -0800

if by 'not in monitor mode' you mean by not logging into the switch and mirroring all the ports to your port. which 
would be the ideal way, you could do arp spoofing and set yourself as the gateway or some other man in the middle 
attacks.

Tom Yarrish <tom () yarrish com> 12/26/2008 11:10 AM >>>

Hey all,
This may come off as somewhat of a newbie question, but it's one I've  
been curious about.

When you are doing any sort of pen testing or sniffing on the wire,  
how do you handle a managed switch scenario.  If you're connected to a  
switch on one port, how can you monitor the traffic on the the other  
ports if you're not in a monitor mode?  I've never understood how you  
can sniff traffic other than the traffic from your machine to a  
destination.

Thanks ahead of time,
Tom

By Date By Thread

Current thread:

Network sniffing on the wire - managed switches Tom Yarrish (Dec 29)
- RE: Network sniffing on the wire - managed switches Mercurio, Michael D (Dante) (Dec 29)
- Re: Network sniffing on the wire - managed switches Calvin Maready (Dec 29)
- Re: Network sniffing on the wire - managed switches Preston Connors (Dec 29)
- Re: Network sniffing on the wire - managed switches ArcSighter Elite (Dec 29)
- Re: Network sniffing on the wire - managed switches Jorge L. Vazquez (Dec 29)
- RE: Network sniffing on the wire - managed switches Burton Strauss III (Dec 29)
  - RE: Network sniffing on the wire - managed switches Rui Pereira (WCG) (Dec 30)