Re: Detecting a sniffer (fwd)
Dr. Frederick B. Cohen (fc@all.net)
Thu, 4 May 1995 10:49:33 -0400 (EDT)
Forwarded message:
>From fc Thu May 4 10:47:34 1995
Subject: Re: Detecting a sniffer
To: perry@imsi.com
Date: Thu, 4 May 1995 10:47:34 -0400 (EDT)
In-Reply-To: <9505041405.AA27736@snark.imsi.com> from "Perry E. Metzger" at May 4, 95 10:05:57 am
X-Mailer: ELM [version 2.4 PL22]
Content-Type: text
Content-Length: 965
>
>
> Dr. Frederick B. Cohen says:
> > Incorrect - you can detect a sniffer - but it's not cheap.
>
> Tell us how, Oh Great One.
It's called a lot of hard work. You start by examining all hardware
and software, ... you get the idea? Now if you are proficient, you
can do this for only a few days and a few thousand dollars per typical
room in an office complex, in other words, as much as replacing the
whole computing facility.
There are a number of techniques that require less work but are less
perfect.
--
-----------------
\Management /\/| 216-686-0090 - PO Box 1480, Hudson, OH 44236
\ /\/ | Check out info-security heaven and test your system
\/\ /\/ | for known vulnerabilities (1st time for free) at URL:
\/Analytics| (scans deeper than SATAN or ISS) http://all.net:8080
-----------------
Read "Protection and Security on the Information Superhighway"
John Wiley and Sons, 1995 ISBN 0-471-11389-1, 320 pp, $24.95
--
-----------------
\Management /\/| 216-686-0090 - PO Box 1480, Hudson, OH 44236
\ /\/ | Check out info-security heaven and test your system
\/\ /\/ | for known vulnerabilities (1st time for free) at URL:
\/Analytics| (scans deeper than SATAN or ISS) http://all.net:8080
-----------------
Read "Protection and Security on the Information Superhighway"
John Wiley and Sons, 1995 ISBN 0-471-11389-1, 320 pp, $24.95