From: Sumit Dhar [mailto:[EMAIL PROTECTED]]
Sent: Thursday, February 21, 2002 7:30 PM
To: [EMAIL PROTECTED]
Subject: Detecting Sniffers?
Hello All,
I was wondering the other day as to how one could go about detecting a
sniffer on the network. If it is a Shared Ethernet, I wouldn't even
try
Hello Everyone,
Thanks for your replies. Pretty educative, though they don't exactly solve the
problems.. Let me clarify a lil bit further..
1. Tod, your suggestion though ideal, cannot be implemented. All developers need to be
given the root account.
2. Daniel and others who suggested I
On Thu, 21 Feb 2002, Sumit Dhar wrote:
Hello All,
I was wondering the other day as to how one could go about detecting a
sniffer on the network. If it is a Shared Ethernet, I wouldn't even
try... but on a Switched Ethernet, I feel there still is a chance.
Finding a sniffer on a switched
In-Reply-To: [EMAIL PROTECTED]
If you're talking about an NT/2K network, go to
http://patriot.net/~carvdawg/perl.html and check
out sniffer.pl...
Ettercap 0.6.2, Arpwatch 2.1a4, Snort 1.8-RELEASE all running on Linux Redhat 7.2
sounds like what you need. Go to http://packetstormsecurity.org
Let me know how it goes.
Cheers
Taiye.
In a message dated Thu, 21 Feb 2002 21:30:35 Greenwich Mean Time, Sumit Dhar
[EMAIL PROTECTED] writes:
Quoting Sumit Dhar ([EMAIL PROTECTED]):
1. What would be the best method to see if someone is carrying
out ARP-Spoofing?
2. Would it be possible to locate a machine that is flooding
the network with fake MAC replies?
arpwatch
Also, what would be the other
I would suggest using Ettercap (http://ettercap.sourceforge.net) to sniff in
the switched network.
Sniff Host A from Host B. Have Ethereal (www.ethereal.com) capture on Host
C. You might find something interesting with the ARP requests/changes.
Another thing you can do (this is what I do)
Hello All,
I was wondering the other day as to how one could go about detecting a
sniffer on the network. If it is a Shared Ethernet, I wouldn't even
try... but on a Switched Ethernet, I feel there still is a chance.
Specifically,
1. What would be the best method to see if someone is