RE: Network Card Promiscuous Mode
From: Nate McConnell (nate_at_mcconnellsonline.com)
Date: 05/08/04
- Previous message: Ansgar -59cobalt- Wiechers: "Re: IPS vs Firewall"
- In reply to: Chris Halverson: "Network Card Promiscuous Mode"
- Next in thread: Dhaval Vasa: "Re: Network Card Promiscuous Mode"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
To: "'Chris Halverson'" <chris.halverson@encana.com>, <security-basics@securityfocus.com> Date: Sat, 8 May 2004 10:31:37 -0600
Yes there is a good way to do this. First use Ethereal to sniff the traffic.
Second to make windows run the card in promiscuous mode use winpcap. You can
get that from http://winpcap.polito.it/. If it is switched traffic you need
to perform arp spoofing to both machines or however many machines there are
so that all the traffic is coming to the machine so it can be sniffed. To do
that use Cain. You can get it from here http://www.oxid.it/cain.html. Then
set the laptop as the network gateway and it will grab all outbound traffic.
Nate McConnell
-----Original Message-----
From: Chris Halverson [mailto:chris.halverson@encana.com]
Sent: Friday, May 07, 2004 1:19 PM
To: security-basics@securityfocus.com
Subject: Network Card Promiscuous Mode
I have a technician in Barbados that is trying to troubleshoot some network
tunnel problems and I wanted him to sniff the wire for what type of traffic
is coming over the link. He is using a laptop with Win XP and I wanted to
know how to switch the network card into promiscuous mode to accept all the
traffic comming over the link. Is there a way to do this with a native
windows interface or does it have to be done with third party tools? Can
you use the NETSH utility or again is it somewhere else?
---------------------------------------------------------------------------
Ethical Hacking at the InfoSec Institute. Mention this ad and get $545 off
any course! All of our class sizes are guaranteed to be 10 students or less
to facilitate one-on-one interaction with one of our expert instructors.
Attend a course taught by an expert instructor with years of in-the-field
pen testing experience in our state of the art hacking lab. Master the
skills
of an Ethical Hacker to better assess the security of your organization.
Visit us at:
http://www.infosecinstitute.com/courses/ethical_hacking_training.html
----------------------------------------------------------------------------
---------------------------------------------------------------------------
Ethical Hacking at the InfoSec Institute. Mention this ad and get $545 off
any course! All of our class sizes are guaranteed to be 10 students or less
to facilitate one-on-one interaction with one of our expert instructors.
Attend a course taught by an expert instructor with years of in-the-field
pen testing experience in our state of the art hacking lab. Master the skills
of an Ethical Hacker to better assess the security of your organization.
Visit us at:
http://www.infosecinstitute.com/courses/ethical_hacking_training.html
----------------------------------------------------------------------------
- Previous message: Ansgar -59cobalt- Wiechers: "Re: IPS vs Firewall"
- In reply to: Chris Halverson: "Network Card Promiscuous Mode"
- Next in thread: Dhaval Vasa: "Re: Network Card Promiscuous Mode"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
