Re: [Full-Disclosure] Caching a sniffer

From: Tim (
Date: 03/11/04

  • Next message: Tim: "Re: [Full-Disclosure] Caching a sniffer"
    To: "Patricio Bruna V." <>
    Date: Wed, 10 Mar 2004 19:59:58 -0800

    > How can i know if there a sniffer running in my network?

    There was a long thread on this subject in February on focus-ids:

    One link to an interesting paper posted there:

    There may be other ways, but the approach described in the paper would
    probably work in most cases provided the interface in question was
    configured with an IP. Then again, I may not know what the hell I am
    talking about...


    Ethical Hacking at the InfoSec Institute. Mention this ad and get $545 off
    any course! All of our class sizes are guaranteed to be 10 students or less
    to facilitate one-on-one interaction with one of our expert instructors.
    Attend a course taught by an expert instructor with years of in-the-field
    pen testing experience in our state of the art hacking lab. Master the skills
    of an Ethical Hacker to better assess the security of your organization.
    Visit us at:

    Full-Disclosure - We believe in it.

  • Next message: Tim: "Re: [Full-Disclosure] Caching a sniffer"