Is it possible to determine if someone is sniffing traffic on our server?
If so, what is the best way to go about this?
thanks
Printable View
Is it possible to determine if someone is sniffing traffic on our server?
If so, what is the best way to go about this?
thanks
Sure, there are a couple of different ways and tools out there.
You didn't give any specific info on your network (cables, hubs, managed/unmanaged switches, routers, workstation OSs, server OSs, etc.)
Is there any reason you think that someone is sniffing your traffic?
If so, why?
In the mean time... read up some of the following links from google.
http://www.google.com/search?hl=en&r...scuous&spell=1
Hi. You might be interested in this tool if you are managing a Windows network.
PromqryUI 1.0
:)
Here are two more:
Sentinel
http://www.packetfactory.net/Projects/sentinel/
Sniffdet
http://sniffdet.sourceforge.net/
Thanks for the information everyone. The server is a Linux/Apache setup. I am not sure about the routers and hubs. It is a dedicated server but it is hosted.
We don't necessarily have any evidence that someone may be sniffing traffic. We would just like to take a proactive approach--just in case.
Thanks