There are various tools to do this, as far as I know they all work based on the ability to spoof arp replies. Here are a few links:
http://monkey.org/~dugsong/dsniff/ (a host of tools for sniffing through various spoofing attacks) http://www.phenoelit.de/fr/tools.html (specifically just for arp spoofing although they have some other interesting tools) Be aware that if you have a busy network, some of these tools could potentially be disruptive depending on how they are used. Be also aware that if you don't have authority to use these tools on the network in question, using them is probably a good reason for termination of employment. I don't recommend you use these tools unless you know what you are doing _and_ you have explicit authorization from the network owner to use them. It's far better to just span the port or use VACL's. In other words, use these tools at your own risk. HTH, Kent On Wed, 2003-07-16 at 00:32, Nathan wrote: > I need a sniffer that doesn't require spanning a port. Any suggestions? Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=72398&t=72372 -------------------------------------------------- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]