Cheat Sheets

Security - No promiscuous interface

Description

Ensures there are no interfaces in promiscuous mode indicating package capturing

Solution

/sbin/ip a | grep PROMISC | awk -F: '{print $2}' | xargs -n 1 -I "{}" ifconfig "{}" -promisc

Check Script: security-no-promisc.sh

#!/bin/bash

interfaces=$(/sbin/ip a | grep PROMISC | awk -F: '{print $2}') if [ "$interfaces" != "" ]; then result_warning "Interfaces in promiscuous mode: $interfaces" else result_ok fi
Comment on Disqus