Network Security: Detailed info on Re: [Full-disclosure] How do you sniff your LAN subnet in nowdays switch

Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.

Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.

Network Security FullDisclosure

[Top] [All Lists]

Re: [Full-disclosure] How do you sniff your LAN subnet in nowdays switch

from [Valdis . Kletnieks] Network Security

[Permanent Link]

Subject:	Re: [Full-disclosure] How do you sniff your LAN subnet in nowdays switched networks ?
Date:	Sat, 26 Nov 2005 04:40:08 -0500

On Sat, 26 Nov 2005 11:24:42 +0200, Maxim Vexler said:

In the mean time I would like to ask you if any testing can be made to
locate a noisy machine on a subnet that is connected with a switch?


If it's a managed switch, you can just dump the per-port statistics
and look for one that looks way off.

Oh, and while you're at it, consider the possibility that throughput has
fallen through the floor because of a duplex mismatch - if the switch and the
router to the rest of the internet get confused whether they're in full or
half duplex, and one chooses one and the other chooses the other, you'll
have lots of packet loss....

pgpIQFg7sK65p.pgp
Description: PGP signature

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

[More with this subject...]

<Prev in Thread]	Current Thread	[Next in Thread>
[Full-disclosure] How do you sniff your LAN subnet in nowdays switched networks ?, Maxim Vexler Re: [Full-disclosure] How do you sniff your LAN subnet in nowdays switched networks ?, Mikael Abrahamsson Re: [Full-disclosure] How do you sniff your LAN subnet in nowdays switched networks ?, Valdis . Kletnieks <= Re: [Full-disclosure] How do you sniff your LAN subnet in nowdays switched networks ?, Jochen Radmacher Re: [Full-disclosure] How do you sniff your LAN subnet in nowdaysswitched networks ?, Morning Wood Re: [Full-disclosure] How do you sniff your LAN subnet in nowdays switched networks ?, David Huecking

Previous by Date:	Re: [Full-disclosure] How do you sniff your LAN subnet in nowdays switched networks ?, Mikael Abrahamsson
Next by Date:	Re: [Full-disclosure] IPsecurity theater, Joachim Schipper
Previous by Thread:	Re: [Full-disclosure] How do you sniff your LAN subnet in nowdays switched networks ?, Mikael Abrahamsson
Next by Thread:	Re: [Full-disclosure] How do you sniff your LAN subnet in nowdays switched networks ?, Jochen Radmacher
Indexes:	[Date] [Thread] [Top] [All Lists]