sniffdet - Remote Sniffer Detection Tool/Library


Sniffdet is an Open Source implementation of a set of tests for remote sniffers detection in TCP/IP network environments. It's composed of a flexible and easy to use library and an application to run the tests. It is licensed under the GNU General Public License (GPL).

Sniffdet implements various tests for the detection of machines running in promiscuous mode or with a sniffer. Besides other general use functions, libsniffdet provides the following tests:

  • ICMP test
  • ARP test;
  • DNS test;
  • LATENCY test.

The application has a flexible interface which allows the customization of every test by using a config file, can test multiple machines at the same execution, has a plugin interface for the reports and runs as an unprivileged user.

Latest News

2009-12-04: sniffdet moved to git

Sniffdet is not under active development anymore, but the latest development version (strongly recommended for anyone interested) has been moved from SVN to a git repository. Anyway, contributions are still very welcome. Check it out at the sniffdet gitweb interface

2006-10-10: repository is back

After a long offline period, the development code is now available again. You can checkout it using subversion (SVN) from Moved to git, see latest announcement.

Actually, you'll need the latest development version if you intend to compile sniffdet on a modern Linux distribution, since 0.9 uses some deprecated tools.

2003-07-04: sniffdet 0.9 released

This is our latest stable release of sniffdet: sniffdet-0.9. It includes many usability improvements, better documentation (including a libsniffdet-usage-example.c file), and several bugfixes.

Please take a look in our complete changelog

Mailing List - Contributions and Discussion

If you want to join the sniffdet mailing list, you can do that by sending an empty message to with subscribe as the subject.

Or if you prefer, you can join using the mailman interface from

It's archive is also available through SourceForge Archives

By the way, you can access our project page at SourceForge:
There you can find a bug track system and other useful information.


This project was implemented as part of a final Computer Science undergraduate work at Federal University of Paraná - UFPR - Brazil.