[66598] in North American Network Operators' Group
Re: sniffer/promisc detector
daemon@ATHENA.MIT.EDU (Joel Jaeggli)
Fri Jan 16 18:06:59 2004
Date: Fri, 16 Jan 2004 15:00:57 -0800 (PST)
From: Joel Jaeggli <joelja@darkwing.uoregon.edu>
To: "Laurence F. Sheldon, Jr." <larrysheldon@cox.net>
Cc: nanog@merit.edu
In-Reply-To: <40086A95.8D2DB487@cox.net>
Errors-To: owner-nanog-outgoing@merit.edu
if you have multiple network interfaces you can insure that
the one doing the snooping is undetectable by the tools that people wrote
to detect promiscious ethernets...
joelja
On Fri, 16 Jan 2004, Laurence F. Sheldon, Jr. wrote:
>
> Gerald wrote:
> >
> > Subject says it all. Someone asked the other day here for sniffers. Any
> > progress or suggestions for programs that detect cards in promisc mode or
> > sniffing traffic?
>
> I can't even imagine how one might do that. Traditionally the only
> way to know that you have a mole is to encounter secrets that "had to"
> have been stolen.
>
--
--------------------------------------------------------------------------
Joel Jaeggli Unix Consulting joelja@darkwing.uoregon.edu
GPG Key Fingerprint: 5C6E 0104 BAF0 40B0 5BD3 C38B F000 35AB B67F 56B2
