On Fri, Apr 27, 2001 at 09:26:14PM -0500, Jacob Ansari said sometin like... > Hi everyone, > > Maybe I'm really missing something, but I can't seem to get my 3com > AirConnect wlan pcmcia card to operate in promiscuous mode. You can force (as far as I know, I've tested quite a few cards) any card into prom. mode, you just need the correct tools. Under linux or OpenBSD, Sniffit or tcpdump will do this for you. If a card will not "enter prom. mode" it's nothing to worry about, you don't _HAVE_ to be in that mode to sniff traffic, it's more just a line that lets you know it's now sniffing and logging all traffic passing through. For example, in unix, you can force a card into prom. mode using ifconfig (i forget the flag). This, however means nothing if you don't have a method of capturing and logging the data. All it does is open the card to see everything, but you won't actually see anything unless you are configured to do so. By that same token, when you load sniffit while tail -f'ing your syslog, you won't see a line which says "eth0 enterming promiscuos mode." However, when you load tcpdump, you will. Another example, in Windows. If you load etherpeek or ethereal, you will sniff all traffic on your network unless it's switched and specificly setup to not allow traffic sniffing. There's no "promiscuous mode" to be entered as far as an actual setting on your card, it's just sniffing, and the program handles the hardware interaction part of it. Bottom line, any card can sniff, if you've got the right tools. Don't get hung up on the output letting you know that the card is. -- kam at aversion.net http://www.aversion.net
This archive was generated by hypermail 2b30 : Tue May 01 2001 - 11:44:14 PDT