>> Or, even better than knowing if the claims are true, how can one detect if
>> they're being sniffed???. -Ken.
>>
>> Ken Beames
>> Sr. Network Analyst
>> Network Operations Group
>> Quarterdeck Office Systems
>> beames @
qdeck .
com
>
>
>In order for a sniffer to sniff, it must put the ports in promiscous mode..
>You can check (system specific, but most are the same, and I dont know off
>hand) to see if the ports are in that mode..
>
>Another thing, almost every UNIX system (all that I have heard about) requires
>that in order to put the ports in promiscous mode you have root permissions..
>
>Processes that are owned by root, but are not recognizable as something that
>should be running is suspect, and any suid root program should be suspect..
>
Thanks, I know how to put my NIC in promisc mode, what I want to know is if
someone has a machine on the wire between me and my service provider, and is
capturing packets. I have serious doubts that this kinda thing can be
detected, but, then again, I'm not a superman of internet, as some others
might very well be.
-KEn.
-------------------------------------------------------------------------------
Ken Beames
Sr. Network Analyst
Network Operations Group
beames @
qdeck .
com
310.314.3210x3308
===============================================================================
|
|
