Security Incidents mailing list archives
Sniffer on my network
From: Computer Vegetable <CompuVeg () COLUMBUS RR COM>
Date: Wed, 16 Aug 2000 09:36:27 -0400
At my office I've recently installed a network monitoring package called LanGuard. One of the things this tool does is find network sniffers on your network. I didn't expect to see any, but as it turns out one of our workstations is showing up as a sniffer. I am unable to find any processes running on the machine with unidentifiable sources. I'm also unable to find any known Trojans or other viruses on that machine. The only odd thing that I have found is that anytime a network cable is plugged into the workstation in question, the address 13.10.15.10 shows up IMMEDIATELY in the ARP. Has anyone seen anything like this? ARIN says the address is owned by Xerox PARC, who's admin says that IP is theirs, but not currently in use. Thanks
Current thread:
- Sniffer on my network Computer Vegetable (Aug 18)
- Re: Sniffer on my network Eduardo Cruz (Aug 18)
- <Possible follow-ups>
- Re: Sniffer on my network Sandro Gauci (Aug 22)