Re: Network security

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Fri, 2004-06-11 at 15:56, Bruno Wolff III wrote:
> On Thu, Jun 10, 2004 at 11:37:17 -0400,
>   "Scot L. Harris" <webid@xxxxxxxxxx> wrote:
> > On Thu, 2004-06-10 at 04:37, Chadley Wilson wrote:
> > > Hello friends,
> > > 
> > > My network with approx 300 users is routed to the internet through a
> > > proxy and firewall, we have a DNS server and PDC Server.
> > > It is a winXplease network.
> > > 
> > > With a linux PC connected -
> > > What tools would you suggest I could use for the following:
> > > 
> > > 1) Track an internal PC running a sniffer of some sort, obtain its ip
> > > and mac address, then stop it sniffing and maybe kick it off the
> > > network.
> > > 
> > 
> > The bad news is this would be very difficult to detect.  The good news
> > is if you are using switches sniffing on your network becomes almost
> > impossible.  In a switched network you would need access to the switch
> 
> Traffic on switches can be sniffed using a couple of varients of arp
> spoofing. However if something is monitoring the traffic, this should
> be detectable.
Try http://www.snort.org/docs/tap/ for a truly passive sniffer on a
switch. 
-- 
jludwig <wralphie@xxxxxxxxxxx>



[Index of Archives]     [Current Fedora Users]     [Fedora Desktop]     [Fedora SELinux]     [Yosemite News]     [Yosemite Photos]     [KDE Users]     [Fedora Tools]     [Fedora Docs]

  Powered by Linux