Is it a common practice to not assign IP address to sniffer machine? What is the reas
I have BackTrack version of linux and it is the sniffer machine. Is it just with backtrack that the IP address is not assigned automatically by DHCP or with any linux distribution it can be configured to not assign IP address automatically. What is the motive of not assigning IP address to sniffer machine?
|
BackTrack and any version of Linux can be set up to receive an IP via DHCP or the IP address can be statically assigned. It is common not to assign an IP address to a machine that is a dedicated sniffer, such as an IDS/IPS or WireShark. This is referred to as promiscuous mode.
On a machine like BackTrack, which has a lot of other functionality than sniffing traffic, you would either set the interface up for DHCP or statically assign an address. It mostly depends on what you are doing at the time/what your current uses for the PC are. HTH |
Quote:
Is it possible to assign IP address and still run in promiscuous mode? The backtrack machine I am using is mainly used for sniffing. |
Promiscuous mode actually deals more with masking the MAC address rather than the IP address, that way the NIC can accept all packets whether they are addressed to that specific NIC or not. At the point that you aren't sending traffic at the data-link layer, you won't be able to send traffic at the network layer, either; therefore, an IP address is not needed. That's not saying you HAVE to remove it, but you can. It would be more secure to NOT have an IP address assigned to the interface that you will be sniffing with.
|
Quote:
|
All times are GMT -5. The time now is 12:21 AM. |