[Snort-users] OT: Sniffing Switched Traffic

Dan Hollis goemon at ...20...
Wed Apr 11 16:16:22 EDT 2001


On Wed, 11 Apr 2001, Bill Marquette wrote:
> Check out http://www.monkey.org/~dugsong/dsniff - switches aren't useful for
> security, only for bandwidth utilization.  If it's non-encrypted traffic (as
> telnet is) you should be able to own his box in under 30 seconds of getting
> dsniff compiled and installed.

unless he has set the catalyst 4000 for port security (which shuts down
switch ports automatically if it detects MAC monkeying), then all youll
manage to do is get your port disconnected from the net

-Dan





More information about the Snort-users mailing list