Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Pen-Test
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

RE: Small hardware network sniffer - does it exist?

from [Porter, Thomas (Tom)] Network Security [Permanent Link]
Subject: RE: Small hardware network sniffer - does it exist?
Date: Tue, 7 Nov 2006 22:13:57 -0500 
This can be done at home. I'm running a Linux 2.6 kernel on a Freescale 
Coldfire setup w/ two FECs, boa to visualize the results, ssh, and a somewhat 
(still) flaky packet sniffer that is getting closer everyday to working. You 
can see more details about this on my website: http://www.dtool.com. This is 
not a commercial product (yet)

Best, Tom

PS. Shouts out to Danny K for the cool SSL stuff

Thomas Porter, PHD | Sr. Security Architect | Consulting & Systems Integration 
| Avaya Global Services | Virtual Office: 919.967.2909 | Mobile: 919.593.1570 
| Email:tporter@avaya.com | IM: AvayaTPorter 


-----Original Message-----
From: listbounce@securityfocus.com [mailto:listbounce@securityfocus.com] On 
Behalf Of Rogan Dawes
Sent: Monday, November 06, 2006 9:57 PM
To: Petr.Kazil@eap.nl
Cc: PenTest
Subject: Re: Small hardware network sniffer - does it exist?

Petr.Kazil@eap.nl wrote:

I have ordered a few hardware keyloggers to play with
(http://www.keelog.com/) and I was wondering if the same idea exists 
for networks?
A device that you could tape under a desk, and that would act as a 
transparant bridge, sniffing all traffic.

I know that you can use arp-spoofing to get a similar result (easier, 
better?), and I know about hardware network taps.
But I'm still interested in the theoretical possibilities of this idea.

I have a few old laptops, but these have just one PCMCIA network card, 
so bridging is not possible (well, with the right kind of network 
cards you can get two in that  slot - I'll see if you can still buy 
them). But laptops are too big and heavy.

I've looked at microcontrollers with ethernet adapters, but here I 
find webserver appliances with just one network interface. They're 
small but I'm not sure if you could run an OS and a sniffer on them. 
I've looked at miniboards but they are very expensive, too expensive for 
"just a toy".

But, considering that you can get a 2-cigarette-pack sized 
Pix-firewall, such hardware must exist. But I haven't found the right 
keywords yet. Any ideas?

Greetings, Petr Kazil


This looks like the answer to your question - I can't really imagine anything 
smaller!

http://www.arxceo.com/

And

http://linuxdevices.com/news/NS2860172381.html

The Yoggie will supposedly also support an SDIO wireless card, so you can 
bridge and snoop AND get remote access at the same time.

Regards,

Rogan

------------------------------------------------------------------------
This List Sponsored by: Cenzic

Need to secure your web apps?
Cenzic Hailstorm finds vulnerabilities fast.
Click the link to buy it, try it or download Hailstorm for FREE.
http://www.cenzic.com/products_services/download_hailstorm.php?camp=701600000008bOW
------------------------------------------------------------------------


------------------------------------------------------------------------
This List Sponsored by: Cenzic

Need to secure your web apps?
Cenzic Hailstorm finds vulnerabilities fast.
Click the link to buy it, try it or download Hailstorm for FREE.
http://www.cenzic.com/products_services/download_hailstorm.php?camp=701600000008bOW
------------------------------------------------------------------------
[More messages with this same subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: RE: Changing Source Port during Penetration Testing?, Jamie Riden
Next by Date:  DDOS Products, SecurityPractitioner
Previous by Thread:  Re: Small hardware network sniffer - does it exist?, Rogan Dawes
Next by Thread:  Re: Article / Document about passwords vs. passphrases, Spam
Indexes:  [Date] [Thread] [Top] [All Lists]