|
Nmap Hackers
mailing list archives
Re: Promiscuous mode detection
From: Joel Eriksson <na98jen () student hig se>
Date: Thu, 4 Mar 1999 23:33:19 +0100 (MET)
On Thu, 4 Mar 1999, Bennett Todd wrote:
The code posted reports whether the machine is it run on has its interface in
promisc mode; so does "ifconfig -a|grep PROMISC".
It should be noted that ifconfig is often patched by hackers, ioctl()
could of course also be patched, by a kernel-module for example, but it is
not as common. It is only for local interfaces of course. Neped, that I
wrote about in my previous posting may be used to detect Linux-boxes with
network interfaces in promiscuous mode, using ARP. But there are of course
no universal way of detecting sniffers on the network.
-Bennett
/ Joel Eriksson
 By Date 
By Thread
Current thread:
- Re: Promiscuous mode detection, (continued)
- Re: Promiscuous mode detection Jordan Ritter (Mar 04)
- Re: Promiscuous mode detection Joel Eriksson (Mar 04)
Re: Promiscuous mode detection Arley Carter (Mar 04)
Re: Promiscuous mode detection Joel Eriksson (Mar 04)
Re: Promiscuous mode detection Jon Marler (Mar 04)
Re: Promiscuous mode detection Bruce Dennison (Mar 04)
RE: Promiscuous mode detection Hickey, Matthew (Mar 05)
|
Intro
