Security Basics mailing list archives

RE: Network Card Promiscuous Mode

From: "Nate McConnell" <nate () mcconnellsonline com>
Date: Sat, 8 May 2004 10:31:37 -0600

Yes there is a good way to do this. First use Ethereal to sniff the traffic.
Second to make windows run the card in promiscuous mode use winpcap. You can
get that from http://winpcap.polito.it/. If it is switched traffic you need
to perform arp spoofing to both machines or however many machines there are
so that all the traffic is coming to the machine so it can be sniffed. To do
that use Cain. You can get it from here http://www.oxid.it/cain.html. Then
set the laptop as the network gateway and it will grab all outbound traffic.



Nate McConnell

-----Original Message-----
From: Chris Halverson [mailto:chris.halverson () encana com] 
Sent: Friday, May 07, 2004 1:19 PM
To: security-basics () securityfocus com
Subject: Network Card Promiscuous Mode



I have a technician in Barbados that is trying to troubleshoot some network
tunnel problems and I wanted him to sniff the wire for what type of traffic
is coming over the link.  He is using a laptop with Win XP and I wanted to
know how to switch the network card into promiscuous mode to accept all the
traffic comming over the link.  Is there a way to do this with a native
windows interface or does it have to be done with third party tools?  Can
you use the NETSH utility or again is it somewhere else?

---------------------------------------------------------------------------
Ethical Hacking at the InfoSec Institute. Mention this ad and get $545 off 
any course! All of our class sizes are guaranteed to be 10 students or less 
to facilitate one-on-one interaction with one of our expert instructors. 
Attend a course taught by an expert instructor with years of in-the-field 
pen testing experience in our state of the art hacking lab. Master the
skills 
of an Ethical Hacker to better assess the security of your organization. 
Visit us at: 
http://www.infosecinstitute.com/courses/ethical_hacking_training.html
----------------------------------------------------------------------------




---------------------------------------------------------------------------
Ethical Hacking at the InfoSec Institute. Mention this ad and get $545 off 
any course! All of our class sizes are guaranteed to be 10 students or less 
to facilitate one-on-one interaction with one of our expert instructors. 
Attend a course taught by an expert instructor with years of in-the-field 
pen testing experience in our state of the art hacking lab. Master the skills 
of an Ethical Hacker to better assess the security of your organization. 
Visit us at: 
http://www.infosecinstitute.com/courses/ethical_hacking_training.html
----------------------------------------------------------------------------

Current thread:

Network Card Promiscuous Mode Chris Halverson (May 07)
- RE: Network Card Promiscuous Mode Nate McConnell (May 10)
- Re: Network Card Promiscuous Mode Dhaval Vasa (May 10)
- <Possible follow-ups>
- RE: Network Card Promiscuous Mode David Brown (May 10)
- RE: Network Card Promiscuous Mode James . Fields (May 10)