[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Promiscuous mode for ethernet device



Kevin Coyner said:

> One question that I've been meaning to ask and this seems to be close to
> being on-topic:  If you're running a sniffer in promiscuous mode on a
> network that is linked together via a switch (as opposed to a hub), will
> you still be able to passively capture all packets from all boxes on the
> net?  Or is that one of the purposes of the switch - to ensure privacy? Is
> there any way around this?

you can flood the switch, which is usually a bad idea. a better way would
be to get a "good" switch which has "monitor" ports or "mirror" ports so
you can mirror traffic to a special port and monitor it there. It's not
100% reliable(if the switch load gets high it will drop packets), but it
can work. There are other devices which specialize in port mirroring, I keep
forgetting the term for them but they are designed for sniffing, they work
in addition to your switch.

in general though a switch is supposed to direct only the right traffic
to each port, if it works properly.


nate





Reply to: