Linux - SecurityThis forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
A friend of mine works at a bar where they're adding free wireless for customers. He, being the most computer-savvy person working there, has been asked to head this up. Good news for him: he's gonna get paid for a week to setup and test a wireless router. Bad news: he asked me to help him make it reasonable secure.
So, jointly, our question is this: is it possible to detect a packet sniffer on an open wireless network? Clearly we can't just look for unexpected MACs, but is there some 'signature' a packet sniffer puts out? As far as I know, they're very much passive devices, but I thought I'd ask.
In short: no, you can't detect sniffers. Kismet, for example, is undetectable, as it never sends out packets.
Other (Windows) utilities may not be entirely invisible, but the point is moot, since you can't be sure that there isn't a cracker with a Linux laptop around somewhere.
Incidentally, MAC filtering is useless against Linux based systems anyway, as it's possible to sniff a MAC from the network and change the address on the card to match.
Notably, it's possible to change the MAC on many wireless cards under Windows as well. Thanks for the information that confirmed my initial suspicions.
Incidentally, MAC filtering is useless against Linux based systems anyway, as it's possible to sniff a MAC from the network and change the address on the card to match.
dave
How do you change the MAC address of a NIC card on Linux?
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.