Re: [Full-Disclosure] Caching a sniffer

[Kenton Smith <ksmith () chartwelltechnology com>]

I skimmed through some of the articles and they all have some good
information. Are you running a switched network? If you are then the
easiest way is to look at your traffic stats and find the port that
*all* traffic is going to.
If this doesn't make sense to you, then you should do some more research
on sniffers.

Kenton

On Wed, 2004-03-10 at 14:13, Patricio Bruna V. wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> How can i know if there a sniffer running in my network?
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v1.2.4 (GNU/Linux)
>
> iD8DBQFAT4UNT29IM+6ptNcRAoKlAJ9Kbk2yH4MKrQRNaz6OVM2Jai8/+QCgoUnx
> IXCJDuMJxTU9r/E5AhjW1fc=
> =LiUx
> -----END PGP SIGNATURE-----
>
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.netsys.com/full-disclosure-charter.html


---------------------------------------------------------------------------
Ethical Hacking at the InfoSec Institute. Mention this ad and get $545 off 
any course! All of our class sizes are guaranteed to be 10 students or less 
to facilitate one-on-one interaction with one of our expert instructors. 
Attend a course taught by an expert instructor with years of in-the-field 
pen testing experience in our state of the art hacking lab. Master the skills 
of an Ethical Hacker to better assess the security of your organization. 
Visit us at: 
http://www.infosecinstitute.com/courses/ethical_hacking_training.html
----------------------------------------------------------------------------