Tek-Tips is the largest IT community on the Internet today!
Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!
-
Congratulations strongm on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!
Sniffer sniffing
- Thread starter sergio503
- Start date
most sniffing is passive so it's hard to trace. if you suspect a particular machine then you could use something like (for windoze).
if you are on a switched LAN it can be harder to sniff without a trace tho as a sniffer needs a way to fool the switch in to sending it packets (ARP poisoning). if you download ettercap and run it with -c you can check to see if there's anything obvious going on. this can take a while on a large network. (arpwatch is also good)
ettercap's main purpose is to sniff networks itself so this may help you to understand what a sniffer could be getting.
if you are on a switched LAN it can be harder to sniff without a trace tho as a sniffer needs a way to fool the switch in to sending it packets (ARP poisoning). if you download ettercap and run it with -c you can check to see if there's anything obvious going on. this can take a while on a large network. (arpwatch is also good)
ettercap's main purpose is to sniff networks itself so this may help you to understand what a sniffer could be getting.
- Status