lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <44101C5A.30600@hogyros.de>
Date: Thu Mar  9 12:15:42 2006
From: Simon.Richter at hogyros.de (Simon Richter)
Subject: Promiscious Device Detection

Hi,

Q Beukes wrote:

> I am looking for linux utility that checks if a specified machine's
> network device is in promiscious mode or not.

Technically, promiscuous mode only affects packet reception, so it is 
pretty difficult to detect; however most packet sniffers will not hide 
the packets that would have been filtered normally from the kernel, so 
the kernel should react to e.g. a ping or SYN packet that has the 
correct destination IP address for that host, but would normally be 
filtered by the MAC (e.g. with a different destination MAC address).

I don't have a readymade utility for that (I'd code it if need arises, 
but the days of Cheapernet are gone), but you can test from the shell by 
creating a static ARP entry using the arp(8) tool and then pinging the IP.

    Simon

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ