3. Detect Network Sniffing
1. Detect ARP Poisoning and promiscuous mode in a switched network
If you have a doubt on a target machine, ping it.
Now open Wireshark and edit preferences. Click on protocols options
From ARP menus, select detect ARP and IP spoofing.
Stop the capture, go to analyze tab and select expert options. Here, you can see the attacker doing ARP Poisoning.
Nmap promiscuous/ Monitor mode detection
2. Detect ARP Poisoning using Capsa Network Analyzer
Requires use of school and work emails.
We can use hubu framework for arp poisoning
In the diagnosis tab, we can locate the ARP warning.
Last updated