Bugtraq mailing list archives
Re: sniffers
From: asriel () chewy wookie net (Asriel DeCatte)
Date: Sun, 30 Apr 1995 21:51:33 -0400 (EDT)
a sniffer can have its transmit lead cut and still function. this configuration is described in one of the common security papers--TAMU's tiger paper perhaps, i dont remember. with the transmit lead cut, you cant detect.
This assumes that the snooper you're worried about has physical access to the ethernet wire in question. Assuming the intruder does NOT have such access, as is the case most of the time, in order to set up a "sniffer" the intruder has to modify the configuration of an existing system. The changes this individual effects tend to leave footprints. I just figured it'd be worth it to know some methods of detecting a software-based sniffer. ------------------------------------------------------------------------ A s r i e l D e C a t t e a t M 0 C K C h i c a g o , 1 9 9 5 . . . do not lead for I will not follow - do not follow for I will not lead asriel () wookie net ------------------------------------------------------------------------ main(){while(1){fork();}}
Current thread:
- Re: nfs_mount in AIX, (continued)
- Re: nfs_mount in AIX rick () msc cornell edu (Apr 26)
- Re: nfs_mount in AIX Aleph One (Apr 26)
- Re: nfs_mount in AIX John F. Haugh II (Apr 26)
- Re: nfs_mount in AIX Julian Assange (Apr 26)
- CGI script insecurity in NCSA httpd Paul Phillips (Apr 26)
- Re: CGI script insecurity in NCSA httpd Jeremy Fitzhardinge (Apr 27)
- sniffers froden () yf-kraft no (Apr 28)
- Re: your mail Timothy Newsham (Apr 30)
- sniffers Theodore Alexopoulos (Apr 29)
- Re: sniffers Jonathan M. Bresler (Apr 29)
- Re: sniffers Asriel DeCatte (Apr 30)
- Re: sniffers Asriel DeCatte (Apr 30)
- Re: sniffers Jas (Apr 30)
- Re: sniffers Asriel DeCatte (Apr 30)
- Re: sniffers Jonathan M. Bresler (Apr 30)
- Re[2]: sniffers Nayfield, Rod (Apr 30)
- Re: SUMMARY: AntiFlash talkd Aleph One (Apr 24)
- Re: SUMMARY: AntiFlash talkd Gary Anderson (Apr 24)
- The Dan Farmer rap - authors note Julian Assange (Apr 24)
- Re: SUMMARY: AntiFlash talkd Marek Michalkiewicz (Apr 25)