does snoop work in promiscuous mode? On 2/18/07, William Murphy <[EMAIL PROTECTED]> wrote: > Hi, > Ok changed the rights on the file > > crw-rw-rw- 1 root sys 11, 80 May 14 2006 [EMAIL PROTECTED]:ce > > but this still does not make a difference. I did not restart the system. > Just changed rights and made trace which did not work. > > Will > > -----Original Message----- > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED] On Behalf Of Luis Ontanon > Sent: 18 February 2007 20:55 > To: Community support list for Wireshark > Subject: Re: [Wireshark-users] Listening on Port mirrored interface > > I used to capture promiscous on sun boxen without any problem. > > So it might be an issue with permissions of the /dev/ node for the > interface which I remember I had to change myself. > . > Can you capture as root? > If so which are the permissions on /dev/ifname? > What happens if you change permissions on /dev/ifname so that it is > writable by the user, can you capture promiscuous then? > > Luis > > On 2/18/07, William Murphy <[EMAIL PROTECTED]> wrote: > > Hi , > > Thanks for getting back to me....tcpdump does not capture > either....i > > have been reading up on this and here it is. > > The laptop I use is not as secure as Sun server and the nic card can > be > > turned into promiscuous mode easily by software, > > But on the Sun server I don't think the software can turn it into > > promiscuous mode and thus the Nic card will not show the sniffer(i.e. > > snoop,tcpdump,tethereal,tshark) traffic from Mac address other than > its > > own mac address for security reasons. > > > > So I think now my question is: > > > > Is there a command I can run which will put the nic card on the SUN > > server(i.e. Solaris 10) into promiscuous mode? > > > > Agree with my thinking? > > > > Will > > > > -----Original Message----- > > From: [EMAIL PROTECTED] > > [mailto:[EMAIL PROTECTED] On Behalf Of Luis > Ontanon > > Sent: 18 February 2007 20:26 > > To: Community support list for Wireshark > > Subject: Re: [Wireshark-users] Listening on Port mirrored interface > > > > What about tcpdump, does it capture? > > What happen if you run it as root, can you capture? > > is /dev/ifname readable by the user you are trying to capture with? > > > > On 2/18/07, William Murphy <[EMAIL PROTECTED]> wrote: > > > Hi All, > > > > > > Don't know if this is the correct board to put this too but hear > > goes anyway. > > > I am having problems listening for packets on my Sun Machine. > > > > > > I have a F5 BIGIP switch on which I mirrored the traffic port(i.e.9) > > to another port 16 for listening and tracing. In port 16 bi run a > cable > > to my Sun Solaris V440 machine. On this machine I simply plumb the > > interface to where the cable is, give it a dummy ip address,netmask > and > > broadcast address and bring it up. Issue is when I run Tshark I see no > > packets. > > > > > > Any ideas on what I have done wrong or even some tricks. When I > > connect my laptop instead of Sun server and run wireshark , then I can > > see packets that I want. I don't even give the laptop interface card a > > ip address, netmask and broadcast address and it still works. > > > > > > William > > > > > > -- > > This information is top security. When you have read it, destroy > > yourself. > > -- Marshall McLuhan > > _______________________________________________ > > Wireshark-users mailing list > > Wireshark-users@wireshark.org > > http://www.wireshark.org/mailman/listinfo/wireshark-users > > ********************************************************************** > > This email and any files transmitted with it are confidential and > intended > > solely for the use of the individual or entity to whom they are > addressed. > > If you have received this email in error please notify the system > manager. > > This footnote also confirms that this email message has been swept for > the > > presence of computer viruses. > > > > www.adaptivemobile.com > > > > ********************************************************************** > > _______________________________________________ > > Wireshark-users mailing list > > Wireshark-users@wireshark.org > > http://www.wireshark.org/mailman/listinfo/wireshark-users > > > > > -- > This information is top security. When you have read it, destroy > yourself. > -- Marshall McLuhan > _______________________________________________ > Wireshark-users mailing list > Wireshark-users@wireshark.org > http://www.wireshark.org/mailman/listinfo/wireshark-users > ********************************************************************** > This email and any files transmitted with it are confidential and intended > solely for the use of the individual or entity to whom they are addressed. > If you have received this email in error please notify the system manager. > This footnote also confirms that this email message has been swept for the > presence of computer viruses. > > www.adaptivemobile.com > > ********************************************************************** > _______________________________________________ > Wireshark-users mailing list > Wireshark-users@wireshark.org > http://www.wireshark.org/mailman/listinfo/wireshark-users >
-- This information is top security. When you have read it, destroy yourself. -- Marshall McLuhan _______________________________________________ Wireshark-users mailing list Wireshark-users@wireshark.org http://www.wireshark.org/mailman/listinfo/wireshark-users