Hi,
Unfortunately there's no way (at least not any that I'm aware of) to find
out if somebody somewhere out there in the network is using Wireshark.
Tools like Wireshark are passive which means they do not generate any
traffic.
However sniffing the switched network is not a trivial task as the switch
(by its definition) directs traffic destined to a particular host to a
single port - and this prevents easy sniffing of the traffic that is not
destined to a sniffing machine.
On the contrary, there are number of tools and methods to make sniffing
possible (like ARP poisoning or overflowing switch MAC table). Those are
active methods that can be detected if you know what to look for.
--
BR,
Bartosz.
On Mon, 14 Mar 2011 17:58:11 +0100, Flavio Ferreira
<xfl4v10@xxxxxxxxxxxxxx> wrote:
how to find out if there is anyone running wireshark on my network?
