Hello all, You can detect a promiscuous interface if you use Windows Management Instrumentation Command-line (WMIC). You don't need PromiscDetect and Promqry. # Command wmic /NAMESPACE:\\root\wmi PATH MSNdis_CurrentPacketFilter GET # NDIS_PACKET_TYPE 00000001 1 DIRECTED 00000010 2 MULTICAST 00000100 4 ALL_MULTICAST 00001000 8 BROADCAST 00010000 16 SOURCE_ROUTING 00100000 32 PROMISCUOUS 00001011 11 DIRECTED(1), MULTICAST(2), BROADCAST(8) 00101011 43 DIRECTED(1), MULTICAST(2), BROADCAST(8), PROMISC(32) # Non-promisc C:\>wmic /NAMESPACE:\\root\wmi PATH MSNdis_CurrentPacketFilter GET Active InstanceName NdisCurrentPacketFilter TRUE Microsoft ISATAP Adapter 0 TRUE Teredo Tunneling Pseudo-Interface 0 TRUE Intel(R) PRO/1000 MT Network Connection 11 <- Non-promisc TRUE WAN Miniport (Network Monitor) 0 TRUE WAN Miniport (IP) 0 TRUE WAN Miniport (IPv6) 0 TRUE RAS Async Adapter 0 # Promisc C:\>wmic /NAMESPACE:\\root\wmi PATH MSNdis_CurrentPacketFilter GET Active InstanceName NdisCurrentPacketFilter TRUE Microsoft ISATAP Adapter 0 TRUE Teredo Tunneling Pseudo-Interface 0 TRUE Intel(R) PRO/1000 MT Network Connection 43 <- Promisc!!! TRUE WAN Miniport (Network Monitor) 0 TRUE WAN Miniport (IP) 0 TRUE WAN Miniport (IPv6) 0 TRUE RAS Async Adapter 0 - How to detect a promiscuous interface by using WMIC http://ift.tt/1Jhm6W0
Source: Gmail -> IFTTT-> Blogger
No comments:
Post a Comment