Assume host with IP address A is in promisc mode.
Send ping to IP A to a garbage MAC address.
See if you get a reply from A or not.
Do 10 other similar tests as well.
On 6/3/05, LEGO <luis.ontanon@xxxxxxxxx> wrote:
> On 6/3/05, ronnie sahlberg <ronniesahlberg@xxxxxxxxx> wrote:
> > No,
> > ethereal will not send any traffic unless you use name resolution
> > where ethereal might start talking to the dns server.
> >
> > however ethereal will by default set the interface to promisc mode
> > which is something that can be detected by other hosts on the same
> > network, if they run software to actively probe for NICs that are in
> > promisc mode.
>
> So, it is possible. By any chance, do you have any pointers to
> documnetation explaining how?
>
> > it is semitrivial to modify a nic to become receive only so that it
> > will be impossible to detect as being in promisc mode.
> >
> >
> >
> > On 6/3/05, Tassixar Loknar <loknar_kun@xxxxxxxxxxx> wrote:
> > > When Ethereal starts capturing packets, does it send out any packets asking
> > > where everything is, or something traceable like that?
> > >
> > >
> > > _______________________________________________
> > > Ethereal-users mailing list
> > > Ethereal-users@xxxxxxxxxxxx
> > > http://www.ethereal.com/mailman/listinfo/ethereal-users
> > >
> >
> > _______________________________________________
> > Ethereal-users mailing list
> > Ethereal-users@xxxxxxxxxxxx
> > http://www.ethereal.com/mailman/listinfo/ethereal-users
> >
>
>
> --
> This information is top security. When you have read it, destroy yourself.
> -- Marshall McLuhan
>
