Re: Sniffer Detection

• Messages sorted by: [ date ][ thread ][ subject ][ author ]
• Next message: Steve Smith: "Re: I'm with Gene"
• Previous message: allwyn : "RE: netscape"
• Maybe in reply to: Nathan Gentry: "Sniffer Detection"

Arve Kjoelen wrote:
> 
> > >>What about sniffing inside a firewall.  Is there any way yet of possibly d
etecting a
> sniffer?
> >
> > I participated in a study of this sometime back.  Summary, not very likely.
> <snip>
> 
> Unless, of course, the network admin has access to all machines within the
> firewall and (s)he can get the NIC to report that it is in promiscuous
> mode.
> 

And the intruder hasn't been slick enough to modify ifconfig not to report
that the interface is in promiscuous mode.  

SteveN

...simpler living through complexity...

• Next message: Steve Smith: "Re: I'm with Gene"
• Previous message: allwyn : "RE: netscape"
• Maybe in reply to: Nathan Gentry: "Sniffer Detection"