At 01:40 11/03/2001 +0000, Paul Jakma wrote:
>On Sat, 10 Mar 2001, Andrew Betson wrote:
>> > Anyone know about this...?
>>he's right... the sniffer is invisible. course the box isn't, unless
>setup to do bridging.
>>the only clue is if the network card is in promiscious mode, then an
>attacker could maybe be clued in by the box being a little bit slow
>with network replies, and perhaps getting slower as the box gets
>busier.
>>but exactly how slow is dependent on the CPU of the box, the OS, the
>NIC, how many services run on it and how loaded they are, how fast
>the disks are, etc.. etc. that it would be impossible to tell what
>level of slow == promiscious+sniffer unless the attacker knew the box
>intimately already.
>>for a DSL line where you have effectively a point to point
>connection, you don't need to run your sniffer in promiscious mode.
This was the only reply the post got
<SNIP>
> The trick is to use an old AUI card with a UTP converter. These items
> have gotten scarce. You cut the Tx on the board side of the AUI connector
> and let the UTP converter do the link to the hub. Note: this only works
> for 10meg ckts.
</SNIP>
Interesting hack on the card.......
Andrew
Maintained by the ILUG website team. The aim of Linux.ie is to
support and help commercial and private users of Linux in Ireland. You can
display ILUG news in your own webpages, read backend
information to find out how. Networking services kindly provided by HEAnet, server kindly donated by
Dell. Linux is a trademark of Linus Torvalds,
used with permission. No penguins were harmed in the production or maintenance
of this highly praised website. Looking for the
Indian Linux Users' Group? Try here. If you've read all this and aren't a lawyer: you should be!
