Home page logo
/

fulldisclosure logo Full Disclosure mailing list archives

Re: Caching a sniffer
From: Cael Abal <lists2 () onryou com>
Date: Thu, 11 Mar 2004 00:19:22 -0500

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Ian Latter wrote:

While there's no way to be sure-sure ... you can get into your
local LAN segment and send ICMP(/whatever) requests to the
correct L3 address with the wrong L2 address and see if you
get a response; this will show you if hosts/devices are listening
promiscuously (which makes for a good starting point).

Not necessarily?

I thought that depended on the ip stack implementation.

Cael
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (MingW32)

iD8DBQFAT/baR2vQ2HfQHfsRAgZ0AJ46xhi8rNDXAt5TIHUZL2Il/Lil1gCfeGsE
GiGW9xeSwCMYgGPl1JvLwNE=
=nLkQ
-----END PGP SIGNATURE-----

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]