[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: Network security



On Thu, Jun 10, 2004 at 10:37:20 +0200,
  Chadley Wilson <chadley pinteq co za> wrote:
> 
> 1) Track an internal PC running a sniffer of some sort, obtain its ip
> and mac address, then stop it sniffing and maybe kick it off the
> network.

There are some tricks you can do to try to catch NICs running in
promiscuous mode. If normally people aren't doing things where they
would be used that way, then it may make sense to look for that.
This would also only apply in a hub environment. In a switched environment
you can't do entirely passive sniffing effectively. You first need to
compromise the switch or convice hosts that they should route their
traffic through the sniffing host.



[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]