lawndoc
commented
4 days ago It's probably better to just create a new AsyncSniffer to do this instead of using Responder. Then we can handle the findings however we want in the Python code.
Open lawndoc opened 1 week ago
lawndoc
commented
4 days ago It's probably better to just create a new AsyncSniffer to do this instead of using Responder. Then we can handle the findings however we want in the Python code.
In the container that gets deployed, it would be nice to have Responder running in audit-only mode. This would log devices that are actively sending LLMNR, mDNS, and NB-NS requests and allow for admins to evaluate the posture of other systems.