Table of Contents
Tactics to Discover “Passive”�Monitoring Devices
The Problem at Hand
How Systems Know What to �Listen To
Passive Wiretapping (solsniff, ethersniff sample)
Passive Wiretapping (NFS Handles sample)
Passive Wiretapping (SMB sample)
Older 95 / 98 File Sharing
Traffic and Pattern Analysis
Ether and IP Headers
The Disconnect
DNS Method�Definition
DNS Method 1�Sniffing the Sniffer
DNS Method 2�Queries to DNS Server
DNS Method�Pros and Cons
Ether Tricks�Definition
Ether Tricks 1�Linux Classic
Ether Tricks 1�linux (cont)
Ether Tricks 1�linux (cont)
Ether Tricks 2�BSD Style Problems
Ether Tricks 3�Microsoft Shortcut
Ether Tricks�Pros and Cons
Machine Latency�defined
Machine Latency�example
Machine Latency�example
Machine Latency�example
Machine Latency�example (non-addressable interface)
Machine Latency�Methods for increasing end-node processing
Machine Latency�Pros and Cons
Spotting the curious
|