How can I intercept files on windows LAN?

Hi Everybody!

Anybody knows how do I intercept files or file operations on Windows
LAN?
I'd like to have at least some log of file operations of other users.

I know some tools such as L0phtCrack,
that can sniff authorization information on local network, but is
there any tools intercepting files?..

TIA, Victor.

Victor Kumar

In article <>,
says...
> Hi Everybody!
>
> Anybody knows how do I intercept files or file operations on Windows
> LAN?
> I'd like to have at least some log of file operations of other users.
>
> I know some tools such as L0phtCrack,
> that can sniff authorization information on local network, but is
> there any tools intercepting files?..
>
> TIA, Victor.
>


you can capture the raw data with ethereal, snort, dsniff, etc...
however, you'll need a reference point where to "start and stop" the
file in order to reconstruct..... at least i would *assume* this is
possible.... at the very least, you'll be able to view file names that
are accessed...



--
Colonel Flagg
http://www.internetwarzone.org/

Privacy at a click:
http://www.cotse.net

Q: How many Bill Gates does it take to change a lightbulb?
A: None, he just defines Darkness? as the new industry standard..."

"...I see stupid people."

Colonel Flagg

"Colonel Flagg" <> wrote in
message news:.. .
> In article <>,
> says...
> > Hi Everybody!
> >
> > Anybody knows how do I intercept files or file operations on Windows
> > LAN?
> > I'd like to have at least some log of file operations of other users.
> >
> > I know some tools such as L0phtCrack,
> > that can sniff authorization information on local network, but is
> > there any tools intercepting files?..
> >
> > TIA, Victor.
> >
>
>
> you can capture the raw data with ethereal, snort, dsniff, etc...
> however, you'll need a reference point where to "start and stop" the
> file in order to reconstruct..... at least i would *assume* this is
> possible.... at the very least, you'll be able to view file names that
> are accessed...
>
>
>
> --
> Colonel Flagg
> http://www.internetwarzone.org/
>
> Privacy at a click:
> http://www.cotse.net
>
> Q: How many Bill Gates does it take to change a lightbulb?
> A: None, he just defines Darkness? as the new industry standard..."
>
> "...I see stupid people."

EtherDetect is pretty cool

--
Mimic

"Without Knowledge you have fear, With fear you create your own nightmares."
"There are 10 types of people in this world. Those that understand Binary,
and those that dont."
"C makes it easy to shoot yourself in the foot. C++ makes it harder, but
when you do, it blows away your whole leg"

Mimic

Colonel Flagg Spilled my beer when they jumped on the table and
proclaimed in <>:

> you can capture the raw data with ethereal, snort, dsniff, etc...
> however, you'll need a reference point where to "start and stop" the
> file in order to reconstruct..... at least i would *assume* this is
> possible.... at the very least, you'll be able to view file names
> that are accessed...

Plus if he's running win2k, he can turn on auditing in what I refer
to as 'Sooper Paranoid Mode' where it logs all access to
files/subdirs.

NOI

Thund3rstruck