Switched network sniffers detection technique based on IP packet routing

Zouheir Trabelsi

doi:10.1201/1086.1065898X/45528.14.4.20050901/90089.7

Switched network sniffers detection technique based on IP packet routing

Zouheir Trabelsi

Research output: Contribution to journal › Article › peer-review

4 Citations (Scopus)

Abstract

In a local network, the act of sniffing has been a big threat. Today, most network users and administrators believe that sniffing is a threat in hub-based networks, but it is no more a threat in switched networks. Because, in a hub-based network, any packet sent to a host will be received by all network's hosts, sniffing can be easily performed. However, in a switched network, any packet sent to a host will be received only by the destination host, unless it is a broadcast packet. Therefore, sniffing seems impossible in switched networks. This article shows that there are several ways that sniffing can be performed in switched networks. The man-in-the-middle (MiM) attack is a key step in the process of preparing a sniffing activity in a switched network.

Original language	English
Pages (from-to)	51-60
Number of pages	10
Journal	Information Systems Security
Volume	14
Issue number	4
DOIs	https://doi.org/10.1201/1086.1065898X/45528.14.4.20050901/90089.7
Publication status	Published - 2005
Externally published	Yes

ASJC Scopus subject areas

Software
Computer Science Applications
Information Systems and Management

Access to Document

10.1201/1086.1065898X/45528.14.4.20050901/90089.7

Cite this

@article{7ea79656724d4b2999ab916022c84339,

title = "Switched network sniffers detection technique based on IP packet routing",

abstract = "In a local network, the act of sniffing has been a big threat. Today, most network users and administrators believe that sniffing is a threat in hub-based networks, but it is no more a threat in switched networks. Because, in a hub-based network, any packet sent to a host will be received by all network's hosts, sniffing can be easily performed. However, in a switched network, any packet sent to a host will be received only by the destination host, unless it is a broadcast packet. Therefore, sniffing seems impossible in switched networks. This article shows that there are several ways that sniffing can be performed in switched networks. The man-in-the-middle (MiM) attack is a key step in the process of preparing a sniffing activity in a switched network.",

author = "Zouheir Trabelsi",

year = "2005",

doi = "10.1201/1086.1065898X/45528.14.4.20050901/90089.7",

language = "English",

volume = "14",

pages = "51--60",

journal = "Information Systems Security",

issn = "1065-898X",

publisher = "Taylor and Francis Ltd.",

number = "4",

}

TY - JOUR

T1 - Switched network sniffers detection technique based on IP packet routing

AU - Trabelsi, Zouheir

PY - 2005

Y1 - 2005

N2 - In a local network, the act of sniffing has been a big threat. Today, most network users and administrators believe that sniffing is a threat in hub-based networks, but it is no more a threat in switched networks. Because, in a hub-based network, any packet sent to a host will be received by all network's hosts, sniffing can be easily performed. However, in a switched network, any packet sent to a host will be received only by the destination host, unless it is a broadcast packet. Therefore, sniffing seems impossible in switched networks. This article shows that there are several ways that sniffing can be performed in switched networks. The man-in-the-middle (MiM) attack is a key step in the process of preparing a sniffing activity in a switched network.

AB - In a local network, the act of sniffing has been a big threat. Today, most network users and administrators believe that sniffing is a threat in hub-based networks, but it is no more a threat in switched networks. Because, in a hub-based network, any packet sent to a host will be received by all network's hosts, sniffing can be easily performed. However, in a switched network, any packet sent to a host will be received only by the destination host, unless it is a broadcast packet. Therefore, sniffing seems impossible in switched networks. This article shows that there are several ways that sniffing can be performed in switched networks. The man-in-the-middle (MiM) attack is a key step in the process of preparing a sniffing activity in a switched network.

UR - http://www.scopus.com/inward/record.url?scp=83255163452&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=83255163452&partnerID=8YFLogxK

U2 - 10.1201/1086.1065898X/45528.14.4.20050901/90089.7

DO - 10.1201/1086.1065898X/45528.14.4.20050901/90089.7

M3 - Article

AN - SCOPUS:83255163452

SN - 1065-898X

VL - 14

SP - 51

EP - 60

JO - Information Systems Security

JF - Information Systems Security

IS - 4

ER -

Switched network sniffers detection technique based on IP packet routing

Abstract

ASJC Scopus subject areas

Access to Document

Other files and links

Fingerprint

Cite this