Detecting WireShark and other sniffers in your wireless network?

409490 pts.
Tags:
Mobile Computing in 2010
Sniffer software
Sniffers
Wireshark
What's the best way to root out a promiscious sniffer like WireShark? Are there any specific packet types that it spits out I can search for? I'd love suggestions for specific anti-sniffing tools to help better lock down our network. Thanks

Answer Wiki

Thanks. We'll let you know when a new response is added.
Send me notifications when members answer or reply to this question.

Discuss This Question: 4  Replies

 
There was an error processing your information. Please try again later.
Thanks. We'll let you know when a new response is added.
Send me notifications when members answer or reply to this question.
  • Kevin Beaver
    It's not easy but it's not impossible. I talk about this issue in this sample chapter of my book Hacking For Dummies.
    21,005 pointsBadges:
    report
  • The most-watched questions this week: April 6, 2010 - ITKE Community Blog
    [...] Detecting WireShark and other sniffers in your wireless network?, which was asked via e-mail and answered by [...]
    0 pointsBadges:
    report
  • Bitraptor
    It is not an easy task indeed. But i would definetly start out with Trafscrambler – Anti-sniffer/IDS Tool. I have made a presentation to large audience in a hacker event here in Brazil and proved to be one effective tool, not the definitive tool tough. Check some of its features: Features ◦Injection of packets with bogus data and with randomly selected bad TCP cksum or bad TCP sequences ◦Userland binary(tsctrl) for controlling trafscrambler NKE ◦SYN decoy – sends out number of SYN pkts before the original SYN pkt ◦TCP reset attack – sends out RST/FIN pkt with bad sequence ◦Pre-connection SYN – sends out SYN with wrong TCP-checksum ◦Post-connection SYN – sends out fake SYN after connection establishment ◦Zero Window – send out pkt with “0” window set download link http://en.roolz.org/files/soft/trafscrambler-0.2.tgz
    105 pointsBadges:
    report
  • Sixball
    Great points - tyvm, didnt know you could sniff a sniffer.. :)
    8,705 pointsBadges:
    report

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to:

To follow this tag...

There was an error processing your information. Please try again later.

Thanks! We'll email you when relevant content is added and updated.

Following

Share this item with your network: