if wireshark cannot, what software can? asked 16 May '12, 01:38  wiresharkhel... edited 16 May '12, 01:39 |
One Answer:
You can't detect a sniffer if it is listening to traffic passively (on a switch mirror/span/monitor port or a TAP), as it will not interact with the network. You may be able to detect hosts on your local network, that are running their interfaces in promiscuous mode (or using ARP tricks). Search google for: "detect a sniffer on network". There are several papers that describe some methods, however they are all not very reliable. Regards answered 16 May '12, 01:41  Kurt Knochner ♦ edited 16 May '12, 01:45 |
