What can Joe do to hide the wiretap program from being detected by ifconfig command?

Joe the Hacker breaks into pass4sure’s Linux system and plants a wiretap program in order to sniff passwords and user accounts off the wire. The wiretap program is embedded as a Trojan horse in one of the network utilities. Joe is worried that network administrator might detect the wiretap program by querying the interfaces to see if they are running in promiscuous mode.
Running “ifconfig -a”will produce the following: #
ifconfig -a 1o0: flags=848 mtu 8232 inet 127.0.0.1
netmask ff000000hme0: flags=863 mtu 1500 inet
192.0.2.99 netmask ffffff00 broadcast 134.5.2.255
ether 8:0:20:9c:a2:35 What can Joe do to hide the wiretap program from being detected by ifconfig command?

Joe the Hacker breaks into pass4sure’s Linux system and plants a wiretap program in order to sniff passwords and user accounts off the wire. The wiretap program is embedded as a Trojan horse in one of the network utilities. Joe is worried that network administrator might detect the wiretap program by querying the interfaces to see if they are running in promiscuous mode.

Running “ifconfig -a”will produce the following: #
ifconfig -a 1o0: flags=848 mtu 8232 inet 127.0.0.1
netmask ff000000hme0: flags=863 mtu 1500 inet
192.0.2.99 netmask ffffff00 broadcast 134.5.2.255
ether 8:0:20:9c:a2:35

What can Joe do to hide the wiretap program from being detected by ifconfig command?

A.
Block output to the console whenever the user runs ifconfig command by running screen capture utiliyu

B.
Run the wiretap program in stealth mode from being detected by the ifconfig command.

C.
Replace original ifconfig utility with the rootkit version of ifconfig hiding Promiscuous information being displayed on the console.

D.
You cannot disable Promiscuous mode detection on Linux systems.



Leave a Reply 1

Your email address will not be published. Required fields are marked *


seenagape

seenagape

Correct answer is