[Snort-users] OT: Sniffing Switched Traffic

Dan Hollis goemon at ...20...
Wed Apr 11 15:39:27 EDT 2001


On Wed, 11 Apr 2001, Bill Marquette wrote:
> Check out http://www.monkey.org/~dugsong/dsniff - switches aren't useful for
> security, only for bandwidth utilization.  If it's non-encrypted traffic (as
> telnet is) you should be able to own his box in under 30 seconds of getting
> dsniff compiled and installed.

With manageable switches you can lock mac addresses to specific ports, and
render dsniff worthless.

Also -- dsniff doesnt work on all switches.

-Dan





More information about the Snort-users mailing list