-
April 13th, 2004, 01:16 PM
#11
Sorry. 3 days and no sleep can make my eyes miss things.
-
April 13th, 2004, 04:56 PM
#12
"AntiSniff is network card promiscuous mode detector. It works by sending a series of carefully crafted packets in a certain order to a target machine, sniffing the results, and performing timing tests against the target. By measuring timing results and monitoring the target's responses on the network, it can be determined if the target is in promiscuous mode, i.e. sniffing the network. "
It actually works quite well, although you have to be on the same segment.
-Maestr0
\"If computers are to become smart enough to design their own successors, initiating a process that will lead to God-like omniscience after a number of ever swifter passages from one generation of computers to the next, someone is going to have to write the software that gets the process going, and humans have given absolutely no evidence of being able to write such software.\" -Jaron Lanier
-
April 13th, 2004, 05:18 PM
#13
Senior Member
re: AntiSniff
First, I have to agree and echo Catch's statement. Data is most vulnerable whilst in transit. The most popular and efficient means of protecting data in transit is encryption.
Secondly, I agree with Maestr0- Antisniff is a decent application which will work as intended.
From the overall context of this thread and the original question, you [jojo...] may be putting the cart before the horse imho. If you're truly worried about someone sniffing on your network, then implement safeguards before it happens rather than worrying about catching it after-the-fact. Doing the former instead of the latter will not only teach you more about information assurance but also be much more productive in both the short and long term.
Cheers,
<0
Ego is the great Logic killer
-
April 13th, 2004, 06:39 PM
#14
Junior Member
First its not my network i am just one of users its my isp network my internet works as LAN.
Second lessthanzero how can i implement safeguards like what, encryption?
Third i am just wanted help on making antisniff work or getting any program with same function lik antisniff to try check whos sniffing in promiscuous mode thats all i need not network security tutorial.
Thanks all for help but i still see no help on my subject.
-
April 13th, 2004, 07:20 PM
#15
Originally posted here by jojojojojoj
Third i am just wanted help on making antisniff work or getting any program with same function lik antisniff to try check whos sniffing in promiscuous mode thats all i need not network security tutorial.[/COLOR]
Thanks all for help but i still see no help on my subject. [/B]
"AntiSniff v1.021 - Antisniff is Windows software which will detect if any sniffers are running on the network. Works on Win 95, 98, and NT, but not Win2k . Changes: This release fixes yet another security hole - all users should upgrade again. Homepage here."
So if you have Win2k or Xp it will not work. Serious work on that tool has not been done since 2000. Look around the net and I am sure you will find something.
Thanks all for help but i still see no help on my subject.
You ask us for help. (probably before searching around on Google) Then you complain to us that we are not helping you.
N00b> STFU i r teh 1337 (english: You must be mistaken, good sir or madam. I believe myself to be quite a good player. On an unrelated matter, I also apparently enjoy math.)
-
April 13th, 2004, 07:35 PM
#16
Boy. This requires some fancy footwork with Google. I have to admit never looking for these kinds of tools for Windows. But I have found some!
proDETECT
Promisc Detect
That's what I've found thus far. I shall still endeavour to find more...
-
April 13th, 2004, 10:09 PM
#17
Junior Member
Originally posted here by CXGJarrod
So if you have Win2k or Xp it will not work. Serious work on that tool has not been done since 2000. Look around the net and I am sure you will find something.
I try under windows 98 to but BsOD apeared as son as i opened prog.
And i search google but found nothing.
-
April 13th, 2004, 10:13 PM
#18
Junior Member
Also i remember i have same reboot problem with SpyNet sniffer when i try to run it couple formats ago, but not it works fine i dont know why.
I have build in network card BroadCom NetExtreme Gigabit Ethernet or something BCM57xx with latest driver.
-
April 17th, 2004, 07:58 PM
#19
Yo, jojojojoj,
I did a bit of research on Antisniff. This is not a simple tool to use, and requires an understanding of network protocols. I don't think that you need 'winpcap', but more importantly, you would need to be able to establish a baseline of the network segment
you are trying to check, meaning that you need an idea of how your data looks like "without"
a network sniffer installed. Once you have a "signature", you can then compare packet data to find irregularities.
In addition, Antisniff uses a lot of resources, a high level app, so you shouldn't be running any
other programs in the background.
On a side note:
When I installed 'Ethereal', I downloaded winpcap (a windows packet capturing library file), and placed both winpcap and Ethereal into the same folder, for example C:\Documents & Settings\user \Computer Utilities\Networking Tools\Ethereal...
click on winpcap to install the library file, then click on Ethereal to install the sniffer...it will install itself into a program folder and place a shortcut on your desktop...
winpcap runs in the background when you run Ethereal, so there is nothing to click on, as far as winpcap is concerned. You will have to make sure you get the correct version of winpcap for Ethereal. This should work for Snort as well, apart from having to tweak some configs in Snort. Also, once winpcap is installed, you don't need to install it again, should you want to add Snort to Ethereal or vice versa.
Running Ethereal, you can capture packets by placing your NIC into promiscuous mode, and for example read the passwords of your e-mail accounts as they query the mail server, provided you told your client to remember them, or even as you type them in. Tons of fun...
Now I haven't tried to encrypt my passwords, but it seems that that woud be the only way to prevent someone with a sniffer from reading them...so you may want to check on that.
I caution you not to install a sniffer on a network for which you do not have authority to do so, and to be aware that you may be infringing on privacy rights of other users on that network!!! But it is a great way to learn about Network Protocols by installing it on your own computer, and capturing your 'own' data.
Once you understand that, Antisniff may be a useful tool to you.
g8way2u
-
April 19th, 2004, 04:59 PM
#20
just wanna make sure that can sniffer run under switch network??? why some article mention can be sniff under a switch ethernet network? can i do it with those technique like ARP poisoning, or level 2 compromising? any way or method i can perform a sniff under switch? any nice sniffer tool recommend?? Ethereal? Cain and Abel? sTerm? EtherPeek? or Spynet(does it work under W2K)??
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules
|
|