sniffer/promisc detector
Damian Gerow
damian at sentex.net
Fri Jan 16 23:52:07 UTC 2004
Thus spake Gerald (gcoon at inch.com) [16/01/04 18:32]:
> Subject says it all. Someone asked the other day here for sniffers. Any
> progress or suggestions for programs that detect cards in promisc mode or
> sniffing traffic?
There's an art to detecting promiscuous devices.[1] A good starting point
is Google, and the phrase 'promiscuous detect'. IIRC, L0pht once produced
something that claimed to detect all promiscuous devices on a network, I
never got it to work properly.
- Damian
[1] general consensus is that most well-written OSes are near impossible to
detect, some older ones have various methods of detection, usually involving
either broadcast traffic or timing.
More information about the NANOG
mailing list