Sniffer detectors for Linux?
Thomas Charron
tcharron at ductape.net
Thu Sep 19 15:33:33 EDT 2002
Quoting "Derek D. Martin" <ddm+gnhlug at pizzashack.org>:
> > Hmmm. Valid point. I know a fair bit about low-level ethernet
> stuff,
> > so: wouldn't it be possible to set up a MAC:IP table of some sort?
> To what end? Suppose the sniffer doesn't configure an IP address?
Then you'd probrably have your culprit. ;-)
> ...unless you spoof, say, your gateway router. Or some other
> networking device. It's a common misconception that switched networks
> can't be sniffed.
> http://monkey.org/~dugsong/dsniff/
Aye, I was going to post a simular link, but the original is better. On the
other hand, one can very easily also write a utility to TAKE a look at the
tables being used, and the offender will be rather obviouse..
--
Thomas Charron
-={ Is beadarrach an ni an onair }=-
More information about the gnhlug-discuss
mailing list