How catch/block sniffers on my network?

4 ANSWERS

1. 
   

   AFAIK, there is no way to block sniffers other than dealing with the root problem - that they are allowed to be installed at all and they can set the NIC to promiscuous mode. Besides the promiscuous mode issue, your network topology could be changed to make it more difficult for sniffing (eg. using switches rather than hubs, using VLANS on switches, etc.).
   
   See: http://www.surasoft.com/articles/packets...
   
   http://www.boran.com/security/it10-lan-w...
   
   Note that some packet sniffing is still possible even without promiscuous mode being available.
   
   The real issue though is the security policy related to the network workstations. Allowing users to install anything, and allowing system access such that promiscuous mode can be enabled on NICs is generally not a good thing in a network where security is of any concern at all. This is usually just asking for trouble, not to mention support headaches.

   Report (0) (0)  |   earlier  

2. 
   

   Ordinarily to sniff packets a machines NIC must be in promiscuous mode. A simple scan of the network for a nic in that mode is the easy way to "find" then Block the abuser.
   
   There are some free Anti - Sniff tools that will do that for you.
   
   One is at http://packetstormsecurity.org/sniffers/...
   
   and a whole set of good items at
   
   http://webteca.altervista.org/AntiSniffT...
   
   and a good article on how this works
   
   http://www.securiteam.com/tools/2LUQLQ0R...
   
   Hope that helps.

   Report (0) (0)  |   earlier  

3. 
   

   just use a WAP key, not a WEP key and that will ward off people on your wireless network

   Report (0) (0)  |   earlier  

4. 
   

   You have to use encryption on your network.

   Report (0) (0)  |   earlier