:::H M::: wrote:
Trus hal itu diapain donx...???? Bingung nih ;)
--- iko <[EMAIL PROTECTED]> wrote:
The_Eye_In_The_Sky wrote:
On Fri, 2004-06-18 at 09:53, Ronny Haryanto wrote:
Jun 17 00:00:00 gila.com kernel: device eth1 left promiscuous mode
Jun 17 00:00:00 gila.com kernel: eth1: Setting promiscuous mode.
Itu cuma pemberitahuan.
http://foldoc.doc.ic.ac.uk/foldoc/foldoc.cgi?query=promiscuous
Kemungkinan ada yg menjalankan vmware, ethereal, ettercap, dsb.
what about rootkit? hehehehe, tapi emang biasanya cukup pinter untuk
cover up message ini
bener, ada yg menjalankan packet sniffer.
http://www.robertgraham.com/pubs/sniffing-faq.html
rootkit ? rootkit kan macem2 jenisnya...
:)
cek dengan progie2 anti sniffer:
http://www.l0pht.com/antisniff/
ftp://coast.cs.purdue.edu/pub/tools/unix/cpm/
http://www.apostols.org/projectz/neped/
http://www.packetfactory.net/Projects/sentinel/
ftp://ftp.cerias.purdue.edu/pub/tools/unix/sysutils/cpm/
ftp://andrew.triumf.ca/pub/security/ifstatus2.0.tar.gz
ettercap juga ampuh lho, untuk deteksi sniffer di satu network:
ettercap.sourceforge.net
intinya kan mendeteksi 2 IP yg pake 1 MAC yg sama...
salah satunya pasti sniffer.
:)
--
Unsubscribe: kirim email kosong ke [EMAIL PROTECTED]
Arsip dan info di http://linux.or.id/milis.php
FAQ milis http://linux.or.id/faq.php