From: Zachary Mutrux (zmutrux_at_compumentor.org)
To: "Security-Basics" <firstname.lastname@example.org> Date: Mon, 15 Dec 2003 17:35:43 -0800
The Perl script sniffer.pl on this page supposedly can be used to detect the
presence of the WinPcap driver, which is used by Ethereal, snort and other
packet sniffers. There are definitely sniffers that don't use WinPcap.
I haven't used this script. I also think it was designed for use on NT. No
idea if it actually works. I'd like to hear if anyone has had good
experience with this, however.
> 2) Can Sniffing be detected using a Network Intrusion
> Detection System and if yes then are there any Sniffing ways
> which are not detected by NDIS?
- application/x-pkcs7-signature attachment: smime.p7s