On Sat, 29 Apr 1995, Theodore Alexopoulos wrote: > Is there any way to find out if a sniffer is on the net? > Just this no. absolutely none (per SANS'95 conference) a sniffer can have its transmit lead cut and still function. this configuration is described in one of the common security papers--TAMU's tiger paper perhaps, i dont remember. with the transmit lead cut, you cant detect. now a good capture digital ocilloscope and a one shot pulse generator may allow you to see the reflections at each tap (imperfect impedence matching of coax and taps procudce reflections) the time from pulse to reflection is twice the travel time to the tap. a TDR (time domain reflectometer) does this. but the signal will be very weak. no standard network administrator equipment ;( jmb Jonathan M. Bresler jmb@kryten.atinc.com | Analysis & Technology, Inc. | 2341 Jeff Davis Hwy play go. | Arlington, VA 22202 ride bike. hack FreeBSD.--ah the good life | 703-418-2800 x346