lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Message-ID: <200403110526.i2B5QuV09904@singularity.tronunltd.com>
From: Ian.Latter at mq.edu.au (Ian Latter)
Subject: Caching a sniffer


While there's no way to be sure-sure ... you can get into your
local LAN segment and send ICMP(/whatever) requests to the
correct L3 address with the wrong L2 address and see if you
get a response; this will show you if hosts/devices are listening 
promiscuously (which makes for a good starting point).




----- Original Message -----
>From: "Gary E. Miller" <gem@...lim.com>
>To: "Patricio Bruna V." <pbruna@...ev.cl>
>Subject:  Re: [Full-Disclosure] Caching a sniffer
>Date: Wed, 10 Mar 2004 18:51:07 -0800
>
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
> 
> Yo Patricio!
> 
> On Wed, 10 Mar 2004, Patricio Bruna V. wrote:
> 
> > How can i know if there a sniffer running in my network?
> 
> If the hacker has had physical access to your network, even for just a
> few minutes, then there are many ways he can install a sniffer you can
> never find short of tearing everything apart.
> 
> If you care about your data, you better encrypt end to end.
> 
> RGDS
> GARY
> - ---------------------------------------------------------------------------
> Gary E. Miller Rellim 20340 Empire Blvd, Suite E-3, Bend, OR 97701
> 	gem@...lim.com  Tel:+1(541)382-8588 Fax: +1(541)382-8676
> 
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v1.2.3 (GNU/Linux)
> 
> iD8DBQFAT9Qe8KZibdeR3qURAhDPAKCuNz7q8joqyij/T1AHy0DHBF00HgCfTl0i
> W5eaIQIRi3Zx+B87I3nZKZ0=
> =p/BH
> -----END PGP SIGNATURE-----
> 
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.netsys.com/full-disclosure-charter.html
> 

--
Ian Latter
Internet and Networking Security Officer
Macquarie University


Powered by blists - more mailing lists