RE: Caching a sniffer

• Previous message: Matt Howard: "Re: Re[2]: MD5 algorithm"
• In reply to: Shawn Jackson: "RE: Caching a sniffer"
• Next in thread: David Gillett: "RE: Caching a sniffer"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

To: "'Shawn Jackson'" <sjackson@horizonusa.com>
Date: Tue, 23 Mar 2004 10:12:27 -0800

  I'm aware of SPAN, of course. I use it routinely to *enable*
sniffing, not PREVENT it. (I took "Caching" to be an obvious
misspelling of "Catching" -- was that my mistake?)

  What I don't see is how it can be described as "disable all it's
port to allow promiscuous mode across the network", which sounds
like maybe it means a switch command to either prevent client
devices from going into promiscuous mode, or shut down the switch
ports of clients who do. If such a command existed, it would be
a great way to prevent users from sniffing each other's traffic,
but I don't believe it does.

David Gillett

> -----Original Message-----
> From: Shawn Jackson [mailto:sjackson@horizonusa.com]
> Sent: Tuesday, March 23, 2004 9:49 AM
> To: gillettdavid@fhda.edu; ksaenz@spinaweb.com.au
> Cc: security-basics@securityfocus.com
> Subject: RE: Caching a sniffer
>
>
> >Could you, for instance, give the Cisco command(s) which do
> what you're
>
> >trying to describe?
>
> It's called Port Mirroring or SPAN.
> http://www.cisco.com/warp/public/473/41.html.
>
> Almost all (good) switches have that functionality, you just need to
> find it.
>
> CAT1900 Example
> http://www.effetech.com/help/cisco-span.htm
>
>
> Shawn Jackson
> Systems Administrator
> Horizon USA
> 1190 Trademark Dr #107
> Reno NV 89521
>
> www.horizonusa.com
> Email: sjackson@horizonusa.com
> Phone: (775) 858-2338
> (800) 325-1199 x338
>

---------------------------------------------------------------------------
Ethical Hacking at the InfoSec Institute. Mention this ad and get $545 off
any course! All of our class sizes are guaranteed to be 10 students or less
to facilitate one-on-one interaction with one of our expert instructors.
Attend a course taught by an expert instructor with years of in-the-field
pen testing experience in our state of the art hacking lab. Master the skills
of an Ethical Hacker to better assess the security of your organization.
Visit us at:
http://www.infosecinstitute.com/courses/ethical_hacking_training.html
----------------------------------------------------------------------------

• Previous message: Matt Howard: "Re: Re[2]: MD5 algorithm"
• In reply to: Shawn Jackson: "RE: Caching a sniffer"
• Next in thread: David Gillett: "RE: Caching a sniffer"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]