Sniffing

From: Shah H (Comp) (03004309_at_glam.ac.uk)
Date: 12/14/03

  • Next message: Brian Keefer: "Re: CISSP Boot Camps"
    Date: Sun, 14 Dec 2003 15:30:13 -0000
    To: <security-basics@securityfocus.com>
    
    

    Greetings to everyone on the group!!!!!!!

    I'm not an expert in the Security Arena like many of the guys on this
    group & wanted some information about Sniffer Programs solely for
    education purpose.

    1) On a Switched Network can Sniffers capture Network Traffic only for
    the switch it is connected to switch or for all the switches on the
    network?

    2) Can Sniffing be detected using a Network Intrusion Detection System
    and if yes then are there any Sniffing ways which are not detected by
    NDIS?

    Thank you all for your time. I sincerely await your replies...

    Cheers,

    Harshang Shah

    ---------------------------------------------------------------------------
    ----------------------------------------------------------------------------


  • Next message: Brian Keefer: "Re: CISSP Boot Camps"

    Relevant Pages

    • RE: Sniffing a Switched Network
      ... Subject: Sniffing a Switched Network ... A switch operates at layer 2, and sorts traffic based on destination MAC ... knows which port that host lives on, only that host will get the traffic. ...
      (Security-Basics)
    • Re: null cipher
      ... > sniffing and even MITM attacks on a single switched Ethernet segment ... For example, let's say hosts A, B, and C are on a switch. ... floods the network with many forged packets with random source MAC ...
      (comp.security.ssh)
    • RE: Sniffing
      ... > 1) On a Switched Network can Sniffers capture Network Traffic only for ... > the switch it is connected to switch or for all the switches on the ... Sniffers on a switched network can only capture ... > 2) Can Sniffing be detected using a Network Intrusion Detection System ...
      (Security-Basics)
    • RE: Is SSH worth it??
      ... Sniffing the traffic is trivial, even on a switched network. ... switch and it will 'fail-open'...that means that it ... the most recent version of ssh. ...
      (Security-Basics)
    • RE: [Full-disclosure] how to bypass rogue machine detection techn iques
      ... There are methods of configuring switches to have their default VLAN ... be an innocuous network that's boxed in and/or be prompted with a default ... how to bypass rogue machine detection ... > at the switch level. ...
      (Full-Disclosure)