:::H M::: wrote:
Trus hal itu diapain donx...???? Bingung nih ;)
--- iko <[EMAIL PROTECTED]> wrote:
The_Eye_In_The_Sky wrote:
On Fri, 2004-06-18 at 09:53, Ronny Haryanto wrote:
Jun 17 00:00:00 gila.com kernel: device eth1 left promiscuous mode
Jun 17 00:00:00 gila.com kernel: eth1: Setting promiscuous mode.
Itu cuma pemberitahuan.
http://foldoc.doc.ic.ac.uk/foldoc/foldoc.cgi?query=promiscuous
Kemungkinan ada yg menjalankan vmware, ethereal, ettercap, dsb.
what about rootkit? hehehehe, tapi emang biasanya cukup pinter untuk cover up message ini
bener, ada yg menjalankan packet sniffer. http://www.robertgraham.com/pubs/sniffing-faq.html rootkit ? rootkit kan macem2 jenisnya... :)
cek dengan progie2 anti sniffer: http://www.l0pht.com/antisniff/ ftp://coast.cs.purdue.edu/pub/tools/unix/cpm/ http://www.apostols.org/projectz/neped/ http://www.packetfactory.net/Projects/sentinel/ ftp://ftp.cerias.purdue.edu/pub/tools/unix/sysutils/cpm/ ftp://andrew.triumf.ca/pub/security/ifstatus2.0.tar.gz
ettercap juga ampuh lho, untuk deteksi sniffer di satu network: ettercap.sourceforge.net
intinya kan mendeteksi 2 IP yg pake 1 MAC yg sama... salah satunya pasti sniffer. :)
-- Unsubscribe: kirim email kosong ke [EMAIL PROTECTED] Arsip dan info di http://linux.or.id/milis.php FAQ milis http://linux.or.id/faq.php
