[ale] etherape + comcast + NAT'ed host
Jim Popovitch
yahoo at jimpop.com
Mon Sep 15 17:25:05 EDT 2008
On Mon, Sep 15, 2008 at 17:15, Mike Harrison <meuon at geeklabs.com> wrote:
> Got another trusted box to sniff with? It could be etherape or something
> else that it uses (libpcap) is creating the traffic..
Well, this is the trusted box (new Debian Lenny install).
> At the idiot level: If you are sniffing wireless.. in promiscous mode,
> you could be sniffing someone else's traffic that, while it's not actually
> part of your WiFi network could be on the same frequencies.
I thought that too, but then tcpdump would see that traffic outside of
etherape. In this case etherape is reporting traffic that tcpdump
doesn't see.
> I'd plug in with cable and see what I saw on each interface,
> ie: ethernet vs wifi..
Yeah, I did that earlier and of course there is no traffic. I don't
think the traffic as reported by etherape is real, it's just perceived
somehow. There is no realistic way for my home to see traffic btwn
Korea and Japan.
-Jim P.
More information about the Ale
mailing list