Re: Promiscuous Mode

[Muhammad Farooq-i-Azam <lists () chase org pk>]

On Wed, Mar 19, 2008 at 02:51:20PM +0100, Simon Templar wrote:
# Hello everybody,
# 
# I have a question concerning "Promiscuous Mode", I know what it is,
# but I would like to know exactly what is happening behind the scenes
# when I change my NIC to this mode

In normal mode of operation, an NIC compares the destination MAC address
of an incoming packet to its own and passes it onto the operating system
only if it matches its own. Otherwise, the packet is dropped.

However, when put into promiscuous mode of operation, the NIC stops this 
comparison and just grabs ALL the incoming packets and passes them to
the kernel.


# 
# For example: what is the technicality in writing the command:
#  ifconfig eth0 promisc?


The interface is switched into promiscuous mode and it starts receiving
all the packets. However, you need an application like ipgrab, tcpdump,
wireshark, etc. to grab, disect and display the packet contents for you.

# 
# Your help is so much appreciated.
# Best regards.
# 
# 


Best wishes

-- 
Muhammad Farooq-i-Azam

lists () chase org pk
http://www.chase.org.pk/

                                          {((((((
                                          /_  _  )
                                         ( .  .   )
                                          ( /   )
----------------------------------oOOo------------oOOo----------------
Every word is like an unnecessary stain on silence and nothingness.
                -- Beckett
----------------------------------------------------------------------

------------------------------------------------------------------------
This list is sponsored by: Cenzic

Need to secure your web apps NOW?
Cenzic finds more, "real" vulnerabilities fast.
Click to try it, buy it or download a solution FREE today!

http://www.cenzic.com/downloads
------------------------------------------------------------------------