[1642] in bugtraq
Re: sniffers
daemon@ATHENA.MIT.EDU (Jonathan M. Bresler)
Sun Apr 30 14:39:41 1995
Date: Sun, 30 Apr 1995 12:41:48 -0400 (EDT)
From: "Jonathan M. Bresler" <jmb@kryten.Atinc.COM>
To: Asriel DeCatte <asriel@chewy.wookie.net>
Cc: Theodore Alexopoulos <root@ee.duth.gr>, bugtraq@fc.net
In-Reply-To: <199504300906.FAA31691@chewy.wookie.net>
On Sun, 30 Apr 1995, Asriel DeCatte wrote:
> First of all, pick up lsof and cpm...
> ftp://ftp.cert.org/pub/tools/lsof/lsof_3.02.tar.gz and
> ftp://ftp.cert.org/pub/tools/cpm/cpm.1.0.tar, respectively.
good tools. everything that asriel has written is fine. by all
means check out each machine thta you have on your net in detail.
(tripwire helps do this in an automanted fashion, as available from cert,
coast and crew).
sniffer logs files cna grow very quickly, watch you disk usage.
but you just about cant find a sniffer on your net. a laptop
makes a great sniffer. ethernet in the ceiling? good. laptop goes in
the ceiling space above the tiles and is retrieved a few days later. the
men's/women's room ceilings might be particulary good places. you can
often get a couple minutes of privacy there. aint no one going to yell
if you leave a facility without a computer ;)
jmb
Jonathan M. Bresler jmb@kryten.atinc.com | Analysis & Technology, Inc.
| 2341 Jeff Davis Hwy
play go. | Arlington, VA 22202
ride bike. hack FreeBSD.--ah the good life | 703-418-2800 x346
