Sunday, June 15, 2008

Ethernet Promisc Mode

URL : http://www.hackosis.com/index.php/2007/12/11/what-is-promiscuous-mode-and-how-do-i-use-it/


Promiscuous is defined as distributed or applied without order. It means the same in the world of information technology. When a network adapter is in promiscuous mode it accepts all network packets whether they are intended for the specific machine or not.

Normally a node on the network checks each packet before accepting it, to make sure it is the intended recipient. Promiscuous mode can be used for many things, such as troubleshooting network problems, software problems, recovering passwords, and also stealing information (can’t everything be used for good or evil?).

Example of HTTP TCP/IP Packet:
[Image: Netmon Packet. Image by Netmon Inc]

Using Promiscuous Mode in Linux:

Enable promiscuous mode:

sudo ifconfig eth0 promisc

Disable promiscuous mode:

sudo ifconfig eth0 -promisc
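
To confirm which state the two commands above left an interface in, the check below reads the kernel's per-interface flags from sysfs and tests the IFF_PROMISC bit (0x100). It is an added example, not part of the original post; the function names are hypothetical and it assumes a Linux host that exposes /sys/class/net/<iface>/flags.

```shell
#!/bin/sh
# Added example: list the interfaces that currently have promiscuous mode set.
# Assumption: Linux sysfs layout, /sys/class/net/<iface>/flags holds a hex mask.
# Constructed sample masks: 0x1103 = UP|BROADCAST|PROMISC|MULTICAST,
#                           0x1003 = the same interface without PROMISC.

IFF_PROMISC=256   # 0x100, from <linux/if.h>

# is_promisc_flags FLAGS
# Succeeds (exit 0) when the IFF_PROMISC bit is set in FLAGS, e.g. 0x1103.
is_promisc_flags() {
    [ $(( $1 & $IFF_PROMISC )) -ne 0 ]
}

# list_promisc [DIR]
# Prints the name of every interface under DIR (default /sys/class/net)
# whose flags file has IFF_PROMISC set. Prints nothing if none do.
list_promisc() {
    dir=${1:-/sys/class/net}
    for path in "$dir"/*; do
        # Skip entries with no readable flags file (or an unmatched glob).
        [ -r "$path/flags" ] || continue
        flags=$(cat "$path/flags")
        if is_promisc_flags "$flags"; then
            printf '%s\n' "${path##*/}"
        fi
    done
}

# Run against the live system, or against a directory given as an argument.
list_promisc "$@"
```

An interface that still appears in the output after `sudo ifconfig eth0 -promisc` usually means another program, such as a running capture tool, is holding the mode open.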

How do I use it?

Thankfully, there are some applications that will take care of this for you:

AirSnort | Kismet | Wireshark | tcpdump | IPTraf | Driftnet

Using Promiscuous Mode in Windows:

Recent Microsoft Windows operating systems have made it complicated, to say the least, to simply enable promiscuous mode. WinPcap is a library built specifically for putting an adapter into promiscuous mode and helping with the task of capturing network packets.

How do I use it?

Thankfully, there are some applications that will take care of this for you:

Wireshark | AirSnort (install guide) | Cain

Sorry Mac users, I don’t have Mac OS X v10.4 “Tiger” yet.

I hope you enjoy being promiscuous as much as I do. Keep in mind that running these programs at your school or other public networks could get you into trouble — promiscuous mode can be detected. FYI, if you are on a switched network (most modern networks are switched), you may have some trouble getting packets without ARP poisoning. Have fun and if any programs were missed, do leave a tip in the comments. Look forward to future posts on similar subjects at Hackosis.
