Sunday 16 November 2014

Promiscuous mode

In computer networking, promiscuous mode or promisc mode is a mode for a wired network interface controller (NIC) or wireless network interface controller (WNIC) that causes the controller to pass all traffic it receives to the central processing unit (CPU) rather than passing only the frames that the controller is intended to receive. This mode is normally used for packet sniffing that takes place on a router or on a computer connected to a hub (instead of a switch) or one that is part of a WLAN. Interfaces are placed into promiscuous mode by software bridges often used with hardware virtualization.

In IEEE 802 networks such as Ethernet, token ring, and IEEE 802.11, and in FDDI, each frame includes a destination Media Access Control address (MAC address). In non-promiscuous mode, when a NIC receives a frame, it normally drops it unless the frame is addressed to that NIC's MAC address or is a broadcast or multicast frame. In promiscuous mode, however, the card allows all frames through, thus allowing the computer to read frames intended for other machines or network devices.

Many operating systems require superuser privileges to enable promiscuous mode. A non-routing node in promiscuous mode can generally only monitor traffic to and from other nodes within the same broadcast domain (for Ethernet and IEEE 802.11) or ring (for token ring or FDDI). Computers attached to the same network hub satisfy this requirement, which is why network switches are used to combat malicious use of promiscuous mode. A router may monitor all traffic that it routes.

Promiscuous mode is often used to diagnose network connectivity issues. There are programs that make use of this feature to show the user all the data being transferred over the network. Some protocols like FTP and Telnet transfer data and passwords in clear text, without encryption, and network scanners can see this data. Therefore, computer users are encouraged to stay away from insecure protocols like Telnet and use more secure ones such as SSH.
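A host-side check for the mode described above, as an added example that is not part of the original post: on Linux, each interface's flag word is exposed in `/sys/class/net/<iface>/flags`, and the `IFF_PROMISC` bit (0x100) is set while the interface is promiscuous. The interface names and flag values in the sample tree are constructed for illustration; an interface enslaved to a software bridge (here the assumed `br0`) is expected to show the bit.

```python
import os
import tempfile

IFF_PROMISC = 0x100  # interface flag bit from <linux/if.h>


def is_promiscuous(flags_text):
    """flags_text is the content of a sysfs flags file, e.g. '0x1103'."""
    return bool(int(flags_text.strip(), 16) & IFF_PROMISC)


def promiscuous_interfaces(sysfs_root="/sys/class/net"):
    """Return the sorted names of interfaces whose IFF_PROMISC bit is set."""
    found = []
    for iface in sorted(os.listdir(sysfs_root)):
        path = os.path.join(sysfs_root, iface, "flags")
        try:
            with open(path) as fh:
                if is_promiscuous(fh.read()):
                    found.append(iface)
        except (OSError, ValueError):
            # Not an interface directory, or unreadable/unparsable flags.
            continue
    return found


def build_sample_tree():
    """Create a constructed sysfs-like tree so the check runs on any OS."""
    root = tempfile.mkdtemp()
    samples = {
        "lo": "0x9",       # loopback, not promiscuous
        "eth0": "0x1003",  # normal NIC: bit 0x100 clear
        "br0": "0x1103",   # same flags plus IFF_PROMISC
    }
    for iface, flags in samples.items():
        os.makedirs(os.path.join(root, iface))
        with open(os.path.join(root, iface, "flags"), "w") as fh:
            fh.write(flags + "\n")
    return root


if __name__ == "__main__":
    live = "/sys/class/net"
    root = live if os.path.isdir(live) else build_sample_tree()
    for name in promiscuous_interfaces(root):
        print(f"{name}: promiscuous mode is enabled")
```

An interface that reports the bit without a known bridge, capture tool or virtualization stack behind it is worth investigating.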
