Home page logo
/

pen-test logo Penetration Testing mailing list archives

RE: Promiscuous Mode
From: "Richard C Lewis" <chad () mr-lew com>
Date: Thu, 20 Mar 2008 21:36:29 -0400

Promiscuous mode doesn't stop an interface from SENDING packets. You can
easily put an interface into promiscuous mode and capture all traffic that
is transmitted on the wire and still send your own packets at the same time.
Promiscuous mode has to do with processing the packets you RECEIVE off the
wire.

Refer back to Don Bailey's response, he outlined promiscuous mode really
well.

Putting an interface into promiscuous mode WITHOUT assigning an IP address
(or enabling DHCP) would give you the condition you described.

-----Original Message-----
From: listbounce () securityfocus com [mailto:listbounce () securityfocus com] On
Behalf Of Brett Cunningham
Sent: Thursday, March 20, 2008 1:55 PM
To: Simon Templar
Cc: pen-test () securityfocus com
Subject: Re: Promiscuous Mode

Simon,

    Setting an interface into promiscuous mode means it will not send
packets out that interface and there will be no IP address assigned to
it. It will, however, still listen on that interface. This is a
typical requirement of deploying an IDS.

On 3/19/08, Simon Templar <73696d6f6e74656d706c617200 () googlemail com> wrote:
Hello everybody,

I have a question concerning "Promiscuous Mode", I know what it is,
but I would like to know exactly what is happening behind the scenes
when I change my NIC to this mode

For example: what is the technicality in writing the command:
 ifconfig eth0 promisc?

Your help is so much appreciated.
Best regards.

------------------------------------------------------------------------
This list is sponsored by: Cenzic

Need to secure your web apps NOW?
Cenzic finds more, "real" vulnerabilities fast.
Click to try it, buy it or download a solution FREE today!

http://www.cenzic.com/downloads
------------------------------------------------------------------------



------------------------------------------------------------------------
This list is sponsored by: Cenzic

Need to secure your web apps NOW?
Cenzic finds more, "real" vulnerabilities fast.
Click to try it, buy it or download a solution FREE today!

http://www.cenzic.com/downloads
------------------------------------------------------------------------



------------------------------------------------------------------------
This list is sponsored by: Cenzic

Need to secure your web apps NOW?
Cenzic finds more, "real" vulnerabilities fast.
Click to try it, buy it or download a solution FREE today!

http://www.cenzic.com/downloads
------------------------------------------------------------------------


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]