¨Active
sniffer
¨Runs
on Linux, Solaris, OpenBSD
¨Excels
at decoding a large number of Application level protocols
–FTP, telnet, SMTP, HTTP, POP, NTTP, IMAP, SNMP, LDAP,
Rlogin, RIP, OSPF, NFS, NIS, SOCKS, X11, IRC, ICQ, Napster, MS SMB, and SQL
¨Performs
active sniffing using MAC flooding or arpspoof