====== Network - Check Promiscuous ======

Promiscuous mode allows a network device to intercept and read each network packet that arrives in its entirety.  This mode of operation is sometimes given to a network snoop server that captures and saves all packets for analysis (for example, for monitoring network usage).

Promiscuous mode can be used in a malicious way to sniff on a network.

<code bash>
#!/bin/bash
#
# Scans ethernet cards if they are in Promisuous mode.
#
# every half hour.

while true
do

  for i in eth0 eth1
  do  
    if ifconfig $i | grep PROMISC > /dev/null then
    (echo $i Promisc;fpromisc) 2>&1 | Mail \
    -s PROMCUOUS sysadmin sysadmin@sharewiz.net
    fi
  done
  sleep 1800
done
</code>