RE: A Solution for sniffing

[<wbjw () mindspring com>]

There ARE ways to detect sniffing, but not necessarily completely reliable. 
Sniffing places the network device into promiscous (SP?) mode.  The old l0pht
had a antisniff which @Stake still offers.  Other tools may exist as well
which detect sniffing.

On Tue, 17 Dec 2002 12:19:23 -0500 Bruce.Orcutt () alltel com wrote:

> As sniffing is a passive act, there is no way
> that you can detect the act itself, unless you
> have access to the machine that's doing the
> possible sniffing itself.
>
> Perhaps one of the simplest ways to ensure
> sniffing is made much more difficult at the
> least is by switching from a hub type network
> to a switched network.  In a switched
> environment, other users cannot see each others
> network streams, thus providing a layer of
> protection.  
>
> Of course, like all techniques, this can be
> gotten around by various additional techniques,
> but it does make life more difficult to would
> be sniffers. (ie: user installs a hub via an
> uplink port to switched segment, and connects
> target's system and a sniffing machine to the
> hub.)
>
>
>
> -----Original Message-----
> From: fadi () lebrocks com
> [mailto:fadi () lebrocks com]
> Sent: Tuesday, December 17, 2002 5:41 AM
> To: security-basics () securityfocus com
> Subject: A Solution for sniffing
>
>
>
> Hello Folks,
> I think i am being sniffed by somone on my
> network, and i was wondering. is 
> there an application to check wether i am being
> sniffed or not, and if i 
> was, how can i fix that ?(like PGP for mail,
> what about other protocols) 
>
> P.S. : Running Linux Slackware 8.1 (if that
> would help) 
>
> cheers,
> Fadi R. Khouja