This article discusses an anti-sniffer based on a new detection technique. The proposed technique uses mainly ARP cache poisoning attack to detect sniffing hosts in an Ethernet network, and is implemented in a tool called SupCom anti- sniffer. Four anti-sniffers — PMD, Promi- Scan, L0pht AntiSniff, and SupCom anti- sniffer — are tested and the evaluation results show that SupCom anti-sniffer succeeded in detecting more sniffing hosts than the other anti-sniffers.
|Number of pages
|Information Systems Security
|Published - Jan 1 2005
ASJC Scopus subject areas
- Computer Science Applications
- Information Systems and Management