- Training
- Training Live Events
- Training Without Travel
- SANS Courses
- Certified Instructors
- Career Roadmap
- Training Calendars
- SANS @Home
- SANS OnDemand
- Community SANS
- SANS Mentor Program
- SANS Onsite
- SANS SelfStudy
- SANS Partnership Series
- SANS Workshop Series
- Webcasts
- Work Study
- Events Archive
- DoD 8570
- Voucher Credit Program
- group discounts
- Certification
- Resources
- Vendor
- Portal
- Storm Center
- College
- Developer
- About
the most trusted source for computer security training, certification and research
Finding dsniff on Your Network
- Abstract
- This paper covers some ways to detect dsniff and two of its utilities, arpspoof and macof, on a network. Arpspoof and macof tools were used with dsniff to determine if dsniff could be detected. The following programs were used to detect various aspects of dsniff: Arpwatch, ZoneAlarm, Antisniff and tcpdump. Our existing Fluke network test equipment was connected to the network to evaluate what indicators each could provide about dsniff and its tools.