Home page logo
/

fulldisclosure logo Full Disclosure mailing list archives

Re: Caching a sniffer
From: eflorio () edmaster it
Date: 11 Mar 2004 13:53:34 -0000


Try this.....

http://www.securityfriday.com/ToolDownload/PromiScan/promiscan_doc.html

It tries to detect promisc. mode interface on your LAN
using special ARP packets.

Anyway you must detect if attacker is using :
- promiscuous mode simple packet sniffer
- arp poisoning \"man-in-the-middle\" sniffing (look at ettercap....)

EF

----- Original Message ----- 
From: \"David Vincent\" <david.vincent () mightyoaks com>
To: <full-disclosure () lists netsys com>
Sent: Thursday, March 11, 2004 6:51 AM
Subject: RE: [Full-disclosure] Caching a sniffer


How can i know if there a sniffer running in my network?


_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
AlienVault