Nmap Hackers: Re: Promiscuous mode detection

Re: Promiscuous mode detection

From: Bennett Todd <bet_at_newritz.mordor.net>
Date: Thu, 4 Mar 1999 21:37:58 +0000

The code posted reports whether the machine it is run on has its interface in
promisc mode; so does "ifconfig -a|grep PROMISC".

If you want to check other systems, well, the short answer is, you can't, in
general. This gets discussed a lot :-). Some versions of OSes can be detected if
they are put in promisc mode; a typical style hack is to send a ping to the
IP broadcast address with a specific destination MAC address not found on
your net, and listen for answers. I don't know how to gen up such a packet.
It might suffice to stuff an arp entry into the arp cache for the IP broadcast
address, I dunno if that would work. May work better if you use the "other"
bcast addr; e.g. the Linux system I'm looking at now is using the .255 bcast
addr, so it might work better to try setting the arp entry for the .0 addr to
some known-absent MAC addr, then try sending a ping at the .0 addr. Anybody
answers, their interfaces are in promisc, but some OSes might not answer even
if their IF is promisc.

-Bennett
Received on Mar 04 1999
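
The local check mentioned at the top of the message, as an added example that is not part of the original post: on Linux it reads each interface's flags word from `/sys/class/net/<iface>/flags` and tests the `IFF_PROMISC` bit (0x100 in `<linux/if.h>`). The function names and the optional directory argument are hypothetical, chosen for this illustration.

```shell
#!/bin/sh
# Added example: list local interfaces that have IFF_PROMISC set (Linux).
# Function names and the optional directory argument are hypothetical.

IFF_PROMISC=256   # 0x100, from <linux/if.h>

# Succeed (exit 0) when a hex flags word such as "0x1103" has IFF_PROMISC set.
flags_promisc() {
    [ $(( $1 & $IFF_PROMISC )) -ne 0 ]
}

# Print the name of every interface under a sysfs net directory whose
# flags file has IFF_PROMISC set. Defaults to /sys/class/net; the
# argument lets the function be pointed at a constructed test tree.
promisc_ifaces() {
    root=${1:-/sys/class/net}
    for f in "$root"/*/flags; do
        [ -r "$f" ] || continue            # unmatched glob or unreadable file
        read -r flags < "$f" || continue
        case $flags in
            0x*[!0-9a-fA-F]*) continue ;;  # junk after the 0x prefix
            0x?*) ;;                       # well-formed hex word
            *) continue ;;                 # any other shape is skipped
        esac
        if flags_promisc "$flags"; then
            iface=${f%/flags}              # strip the trailing /flags
            printf '%s\n' "${iface##*/}"   # keep only the interface name
        fi
    done
}

# Report on the machine this is run on.
promisc_ifaces
```
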
