Nmap Security Scanner
*Intro
*Ref Guide
*Install Guide
*Download
*Changelog
*Book
*Docs
Security Lists
*Nmap Hackers
*Nmap Dev
*Bugtraq
*Full Disclosure
*Pen Test
*Basics
*More
Security Tools
*Pass crackers
*Sniffers
*Vuln Scanners
*Web scanners
*Wireless
*Exploitation
*Packet crafters
*More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

bugtraq logo Bugtraq mailing list archives

Re: snooper watchers
From: aleph1 () dfw net (Aleph One)
Date: Thu, 23 Feb 1995 01:55:56 -0600 (CST)

Here are a few I found:

        http://underground.org/tools/unix/audit/cpm/cpm.1.0.tgz
        http://underground.org/tools/unix/audit/ifstatus/ifstatus.tgz

Dont know if they will work on Solaris 2.x though.


On Wed, 22 Feb 1995, Eric Conrad wrote:


The first thing many crackers do is replace ifconfig with a trojan that 
won't report when an interface is in promiscuous mode.

You could look at 'cpm', which will also show when an interface is 
promiscuous.  It's available from ftp.cert.org.  You're still in the same 
boat if someone replaces it with their own, however.

                              ...Eric

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]