Detecting hackers on your network using Windows NT
As users become more and more sophisticated (and with "hacking" Web sites posting tips on how to break into networks every day), you'll find that the odds of your network being hacked are steadily increasing.
For example, as you probably know already, there are many different software programs out today that enable users to capture (also known as "sniff") all network traffic.
And by capturing network traffic, these users can capture passwords as they travel across your network cables.
If someone uses Microsoft's Network Monitor to sniff your network traffic, you can detect his presence by using Network Monitor yourself.
You'll need to configure a filter in Network Monitor so that you can capture packets that use the Bloodhound Oriented Network (BONE) protocol.
This protocol enables someone to capture all network traffic, regardless of whether it was sent to or from that user's computer.
But what if someone has a different type of sniffer?
Many third-party vendors are now creating programs that you can use to detect password-sniffer programs.
One such program you might want to take a look at is GFI's LANguard (www.gfi.com).
This program enables you to detect the presence of password sniffers on your network.