Reply to post: Re: Detecting Wireshark

Revealed: The naughty tricks used by web ads to bypass blockers

John H Woods

Re: Detecting Wireshark

A classic way of detecting wireshark or other network snooping is to reserve some IP addresses for that purpose; send a packet to the client from one of them and see if that is followed by a reverse DNS lookup for that IP address. Of course, you can turn off revDNS in Wireshark (anybody else wish they'd kept the old name, Ethereal?) and I should imagine most other network snooping tools but a lot of folk leave it on for convenience.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Biting the hand that feeds IT © 1998–2019