Using Data Fence to detect sniffers

Written By Todd Heberlein

While Data Fence was designed to detect suspicious access to regular files like Microsoft Word documents, it can also be used to detect access to directories and special files. In this video I show how Data Fence can watch programs opening the Berkeley Packet Filter devices, a common technique attackers will use to sniff packets on your network.

Todd Heberlein
Previous

Data Fence: Getting Started
Next

Data Fence, First Introduction