Script sniffer-detect

Script types: hostrule
Categories: discovery, intrusive
Download: https://svn.nmap.org/nmap/scripts/sniffer-detect.nse

Script Summary

Checks if a target on a local Ethernet has its network card in promiscuous mode.

The techniques used are described at http://www.securityfriday.com/promiscuous_detection_01.pdf.

Example Usage

nmap -sV --script=sniffer-detect <target>

Script Output

Host script results:
|_ sniffer-detect: Likely in promiscuous mode (tests: "11111111")

Requires

• nmap
• stdnse
• string
• table

---

Author:

• Marek Majkowski

License: Same as Nmap--See https://nmap.org/book/man-legal.html