Date: Mon, 12 Apr 1999 09:31:58 -0600 From: "Eric S. Nooden" <noodene@beloit.edu> To: freebsd-questions@FreeBSD.ORG Subject: Sniffers and Sniffer detection [General UNIX question] Message-ID: <4.1.19990412090921.009e0420@beloit.edu>
next in thread | raw e-mail | index | archive | help
Hello all! A question or two concerning sniffers and sniffer detection. 1. Is it possible to detect if a sniffer is being used? I know that the MS Network Analyzer does detect when their product is being used but I am more concerned with the UNIX side of the house. If not, is there any program that could determine whether or not the promiscuous mode is being used on any NIC...sort of like using nmap to scan for it? 2. Is it possible to install a sniffer, in a user account (with no root access), and sniff the network and watch for passwords? I do realize that anything is possible, but I would appreciate a more specific answer and possibly some ways to protect against sniffers. One precaution to possibly take is to place the modem lines on 10/100 switches and also the primary systems. I would think that protects us a little bit considering you can't sniff outside our collision domain (unless you had an "agent" on another hub(s) ). Please email me direct in addition to emailing FreeBSD-questions. Thank you in advance! Eric S. Nooden Technical Service Manager, ITS noodene@beloit.edu ================================================================= Eric S. Nooden (CET,MSC,MCP) Information Technology Services Technical Service Manager Beloit College, Mayer Hall #207 Voice: 608.363.2458 Office hours: 0800-1700 Fax: 608.363.2100 http://www.inwave.com/~armyeric ================================================================= Ah, life! Be my wild mistress!! - Dogbert To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?4.1.19990412090921.009e0420>