North American Network Operators Group Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical Re: sniffer/promisc detector
On Saturday 17 January 2004 11:18 am, Scott McGrath wrote: > It is also possible to sniff a network using only the RX pair so most of > the tools to detect cards in P mode will fail. The new Cisco 6548's have > TDR functionality so you could detect unauthorized connections by their > physical characteristics. > > But there are also tools like ettercap which exploit weaknesses within > switched networks. See http://ettercap.sourceforge.net/ for more details > (and gain some add'l grey hairs in the process). > > The question here is what are you trying to defend against?. > > Maybe this is just a stupid comment, but if the original poster is that concerned with their LAN being sniffed, then maybe they should consider using IPSec on their LAN. -- Donovan Hill Electronics Engineering Technologist, CCNA www.lazyeyez.net, www.gwsn.com
|