sniffers detection tools

Printable View

February 15th, 2005, 01:50 PM
Penguin

sniffers detection tools

is there an open source sniffers detection tools?
February 15th, 2005, 01:55 PM
MrLinus

Lots of them. The following 3 sniffers are the most well known:

TCPDump

Ethereal

Ettercap

For IDS (detection) probably the most well-known is

SNORT

Prelude-IDS is a newer, hybrid IDS.
February 15th, 2005, 02:58 PM
Kite

i have Ethereal, it is a very easy program to use after setting it up.
February 16th, 2005, 09:41 PM
Penguin

Quote:

Originally posted here by MsMittens
Lots of them. The following 3 sniffers are the most well known:

TCPDump

Ethereal

Ettercap

For IDS (detection) probably the most well-known is

SNORT

Prelude-IDS is a newer, hybrid IDS.

i wanna detect someone is sniffing my network..
is there such tools?
February 16th, 2005, 09:59 PM
MrLinus

Hrmm.. depends on how the person is sniffing. If they are doing active sniffing (involving arp poisoning) they'll be easy enough to see using simple packet sniffers I've identified above. If they are passively sniffing that can be harder but is possible to a degree. This PDF WhitePaper on Promiscuous NIC Detection can help.

Tools like ArpMonitor, AntiSniff (no longer in production?) and a few others would be what you're looking for. Take a gander at SecurityFocus' Sniffer section
February 16th, 2005, 09:59 PM
DjM

Have a look at AntiSniff , I never used it, but it kind of looks like what your asking for.

Cheers:

/edit
Sorry MsM, I thought AntiSniff was still available.....
February 16th, 2005, 10:06 PM
MrLinus

Ever since l0pht went to @Stake a lot of their former good tools went "bye-bye". :(

All times are GMT +1. The time now is 06:00 AM.