Switch Scanning

We currently run a couple of switches into one into our building. We
wish to be able to run a sniffer almost like you run one on a Hub. We
heard of ettercap and on one of our admins home network which uses only
one 4 port switch, it works beautiful.

How can we run a sniffer so we can see if stuff like AIM and others are
being used by who.

Our gateway is 10.83.0.1

Our DNSes are
10.83.0.1
10.19.0.1

We tried the same thing we did on the admins home network on ours, the
only thing is that we didn't get everything like we did at home. We
only got one HTTP request and we know that there were tons of HTTP
requests flowing on the network.

I have SystemRescueCD, PHLAK, and Auditor Boot CD so if any of this
will help.

I forgot to write that I am one of the Admins, so people know I am not
just some employee doing something I really shouldn't do.

"Adam" <(E-Mail Removed)> wrote in message
news:(E-Mail Removed) ups.com
> We currently run a couple of switches into one into our building. We
> wish to be able to run a sniffer almost like you run one on a Hub. We
> heard of ettercap and on one of our admins home network which uses
> only one 4 port switch, it works beautiful.
>
> How can we run a sniffer so we can see if stuff like AIM and others
> are being used by who.

If you were indeed an admin, you would know that you have to sniff on an
interface through which all traffic flows.

ynotssor wrote:
> "Adam" <(E-Mail Removed)> wrote in message
> news:(E-Mail Removed) ups.com
>
>>We currently run a couple of switches into one into our building. We
>>wish to be able to run a sniffer almost like you run one on a Hub. We
>>heard of ettercap and on one of our admins home network which uses
>>only one 4 port switch, it works beautiful.
>>
>>How can we run a sniffer so we can see if stuff like AIM and others
>>are being used by who.
>
>
> If you were indeed an admin, you would know that you have to sniff on an
> interface through which all traffic flows.
>
I did know that. That is why I assumed it worked on the one admins home
network. The question we were asking is, since some admins have
computers that are hooked up to switches, hooked up to the switch that
hooks into the server, if they can still use their PCs to sniff. Our
server room is too small to have people, having computers in there to
sniff. It's literally a closet. That is why we wish admins to be able to
sniff from any computer.

Adam McCarthy wrote:
> ynotssor wrote:
>
>> "Adam" <(E-Mail Removed)> wrote in message
>> news:(E-Mail Removed) ups.com
>>
>>> We currently run a couple of switches into one into our building. We
>>> wish to be able to run a sniffer almost like you run one on a Hub. We
>>> heard of ettercap and on one of our admins home network which uses
>>> only one 4 port switch, it works beautiful.
>>>
>>> How can we run a sniffer so we can see if stuff like AIM and others
>>> are being used by who.
>>
>>
>>
>> If you were indeed an admin, you would know that you have to sniff on an
>> interface through which all traffic flows.
>>
> I did know that. That is why I assumed it worked on the one admins home
> network. The question we were asking is, since some admins have
> computers that are hooked up to switches, hooked up to the switch that
> hooks into the server, if they can still use their PCs to sniff. Our
> server room is too small to have people, having computers in there to
> sniff. It's literally a closet. That is why we wish admins to be able to
> sniff from any computer.
Now so people don't get scared this time. When I say any PC, I don't
mean literally any PC that anyone can get on. I mean, any admins, actual
PC, ones they own, and ones that we legally allow them to run server
diagnostics from. Not just any computer they go on.