Sniffer or Packet Analyzer is a software that monitors data which is travelling via network. Basically Sniffers works in Promiscuous mode.
Ex: Wireshark, TCPDUMP
Requirements to detect sniffers in the network
1) A PC with wireshark software which is working as Sniffer ( PC1)
2) A PC with NMAP tool to detect Sniffer( PC2)
STEPS
1) Open Wireshark in the PC1 and Start Capturing the packets.
2) Open NMAP tool in PC2 and run this command in NMAP
nmap --script sniffer-detect.nse 172.17.39.36
Note: 172.17.39.36 is the PC1 IP address..
If sniffer is there -- It will give Likely in Promiscuous mode.
If sniffer is not there --
Ex: Wireshark, TCPDUMP
Requirements to detect sniffers in the network
1) A PC with wireshark software which is working as Sniffer ( PC1)
2) A PC with NMAP tool to detect Sniffer( PC2)
STEPS
1) Open Wireshark in the PC1 and Start Capturing the packets.
2) Open NMAP tool in PC2 and run this command in NMAP
nmap --script sniffer-detect.nse 172.17.39.36
Note: 172.17.39.36 is the PC1 IP address..
If sniffer is there -- It will give Likely in Promiscuous mode.
If sniffer is not there --
0 comments:
Post a Comment