hboogz Posted August 2, 2006 Share Posted August 2, 2006 I have a feeling there is some monitoring going on some machines using the above program. I've ran currports and tcpview and don't see anything unrecognizable. In the event the above program doesn't establish a tcp or udp session with a server -- how can i detect if monitoring is going on with spector ? Quote Link to comment Share on other sites More sharing options...
Sparda Posted August 2, 2006 Share Posted August 2, 2006 You could arp poison the switch and use ethereal to closly monitor traffic. Quote Link to comment Share on other sites More sharing options...
hboogz Posted August 2, 2006 Author Share Posted August 2, 2006 would i need two nics on my machine ? how would i setup the switchport configuration. make my, the management station, as the monitor port ? arp poison with cain/abel ? Quote Link to comment Share on other sites More sharing options...
rFayjW98ciLoNQLDZmFRKD Posted August 2, 2006 Share Posted August 2, 2006 You could get a cheep hub and listen in that way, or get a computer with two NICs and play man in the middle. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.