Wireshark-users: Re: [Wireshark-users] Wireshark in Network - Windows/Linux

From: bart sikkes <b.sikkes@xxxxxxxxx>
Date: Sat, 20 Mar 2010 11:14:17 +0100
Hello Karthik ,

I have been following your answers and remarks for some time now and
wonder what your goal / reason behind this search for sniffer
detection is? the whole nature of sniffing, it being a passive action,
means that it is in principle not possible to detect remotely (some
exceptions as mentioned, but those don't detect sniffers but detect a
certain network card setting and can also be fooled.)

for the rest i agree with ronnie, it seems you don't want people to
snif in your network. well in my opinion you wont be able to stop them
if you cant restrict total physical access to your network or use
something like NAC. still due to the nature of switches they wont be
able to pick up much useful information (again exceptions are
possible). if you worry so much about someone sniffing on your network
you should ask yourself what they shouldn't be able to see and for
example encrypt that traffic.

oh and linux kernel 2.2.10 is like 10 years old, i doubt you will
encounter it often any more.

greetings,
bart