Joe the Hacker breaks into XYZ’s Linux system and plants a wiretap program in order to sniff
passwords and user accounts off the wire. The wiretap program is embedded as a Trojan horse in
one of the network utilities. Joe is worried that network administrator might detect the wiretap
program by querying the interfaces to see if they are running in promiscuous mode.
What can Joe do to hide the wiretap program from being detected by ifconfig command?
A.
Block output to the console whenever the user runs ifconfig command by running screen
capture utiliyu
B.
Run the wiretap program in stealth mode from being detected by the ifconfig command.
C.
Replace original ifconfig utility with the rootkit version of ifconfig hiding Promiscuous information
being displayed on the console.
D.
You cannot disable Promiscuous mode detection on Linux systems.
Explanation:
The normal way to hide these rogue programs running on systems is the use crafted
commands like ifconfig and ls.