Re: Windows Traffic Sniffer

From: xsr (xsr.1u0fkr_at_nospam.cx)
Date: 08/19/05


Date: Fri, 19 Aug 2005 11:56:33 +0000

jms504 Wrote:
> Right.
> Ultimately what I am doing is trying to find a way to be able to sniff
> traffic on the same subnet to a group of servers without having to go
> to each server and set up a sniffer to log incoming packets. We have a
> pretty good size network. Setting up a sniffer on each would be too
> resource consuming.
OK, so ignore my post about remote sniffing, heh. I've read this after
getting enthousiast about the remote sniffer daemon.

jms504 Wrote:
> ..and bringing down the network would be a
> bad thing..a VERY bad thing
 When poisoning excisting connections usually get dropped, even if it
might take a second or less for the programs to reconnect. Unless these
programs require user intervention for re-establishing.

Considering this next to the mentioned hardware or (non-gui or gui)
tools, i don't know of a way to make it work on windows.
You could try arp-sk ( http://www.arp-sk.org/ ) but it is non-gui.
Cain & able combined with analyzer seems like the closed match to your
requirements, in my opinion. It seems like a bitch to add all the hosts
seperatelly into cain's APR, though.

Anyway, good luck with it.

----
xsr
08eb d563 c78f 85a9 2f4b  571b 9177 22e6 65ad ac05
http://www.research-labs.net/


Relevant Pages

  • RE: Detecting Network Sniffers ???
    ... I am a network security person but not yet an expert in this field so ... Can somebody guide me on detecting a sniffer on my network. ... to facilitate one-on-one interaction with one of our expert instructors. ...
    (Security-Basics)
  • Re: Firewall and IDS, (the second way).
    ... There's only two ways of detecting an IDS that I know. ... Look for the data stream from a remote sensor (sniffer) to wherever ... a network card usually discards ethernet ... This also isn't very useful for remote sniffer detection. ...
    (Vuln-Dev)
  • Re: packet sniffing help needed.
    ... In order to sniff traffic between the two victims, ... the sniffer on the same physical network. ... can take between the two to reliably try sniffing. ...
    (Security-Basics)
  • Re: A Solution for sniffing
    ... > I think i am being sniffed by somone on my network, ... Try and detect cases of ARP Spoofing on the network. ... Usually the sniffer will try and ARP Spoof the gateway. ... Also if you are using hubs, it might be a good idea to switch to switches. ...
    (Security-Basics)
  • Re: Casio IT500 and Authentication Util
    ... Checked the archives, ... is on the USB port is a sniffer still relevant? ... Re Network: ... The connection to the CE device is via a USB port which has a InfraRed ...
    (microsoft.public.dotnet.framework.compactframework)