lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Message-ID: <b400c69a0511260124v6b86e730m9aa7533cce4828cb@mail.gmail.com>
Date: Sat Nov 26 09:24:50 2005
From: hq4ever at gmail.com (Maxim Vexler)
Subject: How do you sniff your LAN subnet in nowdays
	switched networks ?

Hello FD,

Recently one of our offices started to experience a significant packet
lost ratio and was having trouble browsing the web. The network
infrastructure is very simple[1] - its a remote office connected to
the Internet. The suspicion reduced to a number of possible causes,
one of them is an infected machine that is causing noise on that
subnet. As an attempt to locate that machine I tried to use a sniffer
in promiscuous mode to listen to the network.
The problem is that the office (like the rest of the world today) uses
a switch in his cable closet. So, for the sake of a successful
sniffing I will be forced to temporally replace this switch with my
trusty hub the next time I get a chance to go there.

In the mean time I would like to ask you if any testing can be made to
locate a noisy machine on a subnet that is connected with a switch?

Another aspect of this issue is this: I disconnected some machines
from the network, what seems to provide some improvements in the
response times but I still don't know the cause of the problem. I
tried to locate some "noise stress testing" tool to run on one of the
machines so that I can simulate the noise to see if that will have any
affect on the response times, but oddly enough I wasn't able to find
any decent ones that would actually work - Your advice on the subject
would be much appreciated.

Thank you reading.
Blessings to all.

[1] : What they have is : ((clients)) --->>> [hp switch] -_-> [router]
-_-> [asdl modem] -> {{{ Internet }}}

--
Cheers,
Maxim Vexler (hq4ever).

Do u GNU ?

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ