I'm sorry if wrong forum. I'm using the AntiARP program and its detected that is one PC in my local network is in promiscuous mode. So who knows what it possibly mean and could someone else to make it work like that?
Given that promiscuous usually refers to a woman who's a bit loose,I'd assume that it's a colourful way of describing an insecure pc,possibly revealing more info than it should.
The network card is looking at every packet, not just those addressed specifically to it. Promiscuous mode is often used in packet sniffers, but is usually a configuration error on a normal nodal device.
Is it possible to produce such as behaviour without a sniffer or whatever and, or maybe antiARP is wrong, what are you suggest?
I am reasonably sure it is still possible to configure a NIC into promiscuous mode, although I have not seen one personally since WFW 3.11 days. First question: Since you are only detecting one device as such on your network, are you certain that the device being detected is not itself? Second question: Does not the tool that is detecting this device describe the device (MAC address, IP Address) well enough to locate it physically? Third question: Is the device being detected perhaps a router? The very function of a router is to listen to traffic and send it on to the proper destination. Bottom line: I would not want a sniffer nor a PC acting as one on my network unless I placed it there explicitly.
Thanks for helping! The card ive been detecting is IP: 192.168.1.35 mac: 00-1E-8C-83-22-99 info: ASUSTek COMPUTER INC.while mine is IP: 192.168.1.117 mac: 00-0D-87-AE-27-D1 info: Elitegroup Computer System Co. (ECS). But i aware the one person of my network used the "CAIN&ABEL" (it is not .35) - i think you know what is that mean. and that is .200 IP and i periodically got this "192.168.1.200is doing mac scan". AntiARP has this option too(mac scan). Im already did changes to my Security Policy, to block all ICMP packets and block all IGMP by firewall to reduce vulnerability. I need a tool to detect ecxact the sourse of attacks, im really confused .
