Intrusion Detection Systems mailing list archives
Re: RE: detecting a sniffer remotely
From: tschroed () acm org (Trevor Schroeder)
Date: Thu, 14 Oct 1999 07:46:51 -0500 (CDT)
On Thu, 14 Oct 1999, Hunt, Charles wrote:
Does anyone knows if it's possible to detect remotely a sniffing host (specially whithout knowing its IP or MAC address.
I grabbed the L0pht's AntiSniff for UNIX and it worked reasonably well. Of course, that was against a slow box, so the PING variance test worked like a charm. Of course, there's also AntiSniff for Windows with a spiffy interface, yada yada yad. But who cares? :) .......................................................................... : "I knew it was going to cost me my head and also my swivel chair, but : : I thought: What the hell--better men than I have risked their heads : : and their swivel chairs for truth and justice." -- James P. Cannon : :........... http://www.zweknu.org/ for PGP key and more ................:
Current thread:
- Re: detecting a sniffer remotely seregon (Oct 01)
- <Possible follow-ups>
- RE: detecting a sniffer remotely Hunt, Charles (Oct 14)
- Re: RE: detecting a sniffer remotely Trevor Schroeder (Oct 14)
- Re: detecting a sniffer remotely laurent van-cauwelaert (Oct 14)
- Re: detecting a sniffer remotely Trevor Schroeder (Oct 14)
- Re: RE: detecting a sniffer remotely CyberPsychotic (Oct 15)
- Re: RE: detecting a sniffer remotely Trevor Schroeder (Oct 15)
- Re: RE: detecting a sniffer remotely Trevor Schroeder (Oct 16)
- Re: RE: detecting a sniffer remotely Trevor Schroeder (Oct 14)
- Re: RE: detecting a sniffer remotely laurent van-cauwelaert (Oct 16)