Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email firstname.lastname@example.org
From: Sebastian Jaenicke (tsajaenicke.org)
Date: Wed Jan 30 2002 - 16:13:14 CST
On Wed, Jan 30, 2002 at 10:05:08PM +0000, Jan wrote:
> how can i sniff upon a switched network segment ? a read some articles about "switch jamming" and "port mirroring" but up to know i didn't learn anything special at all.
> ca some of your guys out there help me ? (i'm sure some of you can but are you willing, too ?)
This can be achieved by flooding the switch with spoofed ARP packets until
its internal MAC table is filled up - most switches will then revert to
"hub mode" and therefore broadcast all traffic to the network where it
can easily be sniffed.
give you some (more accurate?) information.
-- Sebastian Jaenicke whois pgpkey-18AC0BE4whois.ripe.net|perl -ne's-^certif: +--&&print' "Object-oriented programming is an exceptionally bad idea which could only have originated in California." --Edsger Dijkstra
-----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.6 (GNU/Linux) Comment: For info see http://www.gnupg.org
iD8DBQE8WG/6trcAlBisC+QRAoeIAJ9wcjOC/ZEfVY5jsDY+2x4Ggr++GACfXOYj OOYMuU/ci5IbYfWaQBVkle8= =7/cJ -----END PGP SIGNATURE-----