Date: Thu, 18 Apr 2002 00:33:02 +1000 From: Enno Davids <enno@doc.metva.com.au> To: John Angelmo <john@veidit.net> Cc: isp@FreeBSD.ORG Subject: Re: Sniffer Message-ID: <20020418003302.K17567@doc.metva.com.au> In-Reply-To: <3CBD82B9.2070408@veidit.net>; from john@veidit.net on Wed, Apr 17, 2002 at 04:12:09PM %2B0200 References: <3CBD82B9.2070408@veidit.net>
next in thread | previous in thread | raw e-mail | index | archive | help
On Wed, Apr 17, 2002 at 04:12:09PM +0200, John Angelmo wrote: |Hello | |I have a small problem. | |Some hosts at a campus are portsniffing or checking for unpatched |windows boxes. | |I can place my little freebsd laptop on the switch and sniff. |Are there any good tools for sniffing and getting OK reports, if they You might have a look at 'snort'. Its actually a network IDS but its pretty much ideal for this sort of thing. Especially as the activity you're interested in is essentially the same sort of thing the bad guys do anyway. Enno. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20020418003302.K17567>