SwitchSniffer
Platforms:
Windows 2000,
Windows NT,
Windows XP
Categories:
Access Control,
Auditing,
Filtering,
Firewall,
Firewall,
IDS,
Monitoring,
Network,
Network,
Network,
Network Monitoring,
Network Utilities,
Sniffer,
Sniffers,
Usage Monitoring,
Utilities
Version: v0.8.4
URL: http://www.nextsecurity.net/downloads/switchsniffer/SwitchSniffer.zip
1. Overview
SwitchSniffer is a program that can scan your switched LAN for up hosts and can reroute and collect all packets without the target users' recognition. It can also detect the ‘arpspoofer’ program running on the network and block user definable sessions like firewall. If you use this program in tandem with any sniffer program, you can capture and see the users’ IDs and passwords on a switched network.
1.1 features:
-. It can pull and collect all the packets on the LAN.
-. It can scan and show the active hosts on the LAN within a very short time.
-. While spoofing ARP tables, it can act as another gateway (or ip-forwarder) without other users' recognition on the LAN.
-. It can collect and forward packets by selecting inbound, outbound, and both to be sent to the Internet.
-. An ARP table is recovered automatically in a little time (about 30 seconds). But, this program
can keep spoofing continuously with a periodic time.
-. Although one or more network interface cards are installed on a computer, this program can scan and spoof by selecting one of NICs.
-. It can get traffic information about the amount of data transferred to and from the internet including I session information.
-. It can detect which computer is running an arpspoofer program on the local network.
-. It can scan all hosts automatically on the network.
-. It has a feature which filters or blocks sessions, local hosts and remote hosts.
-. No more installation of winpcap driver.
1.2 Benefits:
-. It can find out the hidden hosts on local area network.
-. It can check out if abnormal hosts are connected on the wireless network.
-. It protect your network from abnormal users.
-. It can check out if there are abnormal packets on the local network.
-. It can view users/passwords, chat sessions and web sessions etc., on the switch network
by other application.
2. System Requirement
2.1 Local :
Windows nt4/2000/xp/2003, 25MB free main memory, Network adapter which supports promiscuous mode.
Remote : All computers including network devices must support Ethernet
3. Reference
http://www.nextsecurity.net/