I used to capture promiscous on sun boxen without any problem. So it might be an issue with permissions of the /dev/ node for the interface which I remember I had to change myself. . Can you capture as root? If so which are the permissions on /dev/ifname? What happens if you change permissions on /dev/ifname so that it is writable by the user, can you capture promiscuous then?
Luis On 2/18/07, William Murphy <[EMAIL PROTECTED]> wrote: > Hi , > Thanks for getting back to me....tcpdump does not capture either....i > have been reading up on this and here it is. > The laptop I use is not as secure as Sun server and the nic card can be > turned into promiscuous mode easily by software, > But on the Sun server I don't think the software can turn it into > promiscuous mode and thus the Nic card will not show the sniffer(i.e. > snoop,tcpdump,tethereal,tshark) traffic from Mac address other than its > own mac address for security reasons. > > So I think now my question is: > > Is there a command I can run which will put the nic card on the SUN > server(i.e. Solaris 10) into promiscuous mode? > > Agree with my thinking? > > Will > > -----Original Message----- > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED] On Behalf Of Luis Ontanon > Sent: 18 February 2007 20:26 > To: Community support list for Wireshark > Subject: Re: [Wireshark-users] Listening on Port mirrored interface > > What about tcpdump, does it capture? > What happen if you run it as root, can you capture? > is /dev/ifname readable by the user you are trying to capture with? > > On 2/18/07, William Murphy <[EMAIL PROTECTED]> wrote: > > Hi All, > > > > Don't know if this is the correct board to put this too but hear > goes anyway. > > I am having problems listening for packets on my Sun Machine. > > > > I have a F5 BIGIP switch on which I mirrored the traffic port(i.e.9) > to another port 16 for listening and tracing. In port 16 bi run a cable > to my Sun Solaris V440 machine. On this machine I simply plumb the > interface to where the cable is, give it a dummy ip address,netmask and > broadcast address and bring it up. Issue is when I run Tshark I see no > packets. > > > > Any ideas on what I have done wrong or even some tricks. When I > connect my laptop instead of Sun server and run wireshark , then I can > see packets that I want. I don't even give the laptop interface card a > ip address, netmask and broadcast address and it still works. > > > > William > > > -- > This information is top security. When you have read it, destroy > yourself. > -- Marshall McLuhan > _______________________________________________ > Wireshark-users mailing list > [email protected] > http://www.wireshark.org/mailman/listinfo/wireshark-users > ********************************************************************** > This email and any files transmitted with it are confidential and intended > solely for the use of the individual or entity to whom they are addressed. > If you have received this email in error please notify the system manager. > This footnote also confirms that this email message has been swept for the > presence of computer viruses. > > www.adaptivemobile.com > > ********************************************************************** > _______________________________________________ > Wireshark-users mailing list > [email protected] > http://www.wireshark.org/mailman/listinfo/wireshark-users > -- This information is top security. When you have read it, destroy yourself. -- Marshall McLuhan _______________________________________________ Wireshark-users mailing list [email protected] http://www.wireshark.org/mailman/listinfo/wireshark-users
