Mailinglist Archive: opensuse-security (685 mails)

< Previous Next >
Re: [suse-security] promisuous or not?
  • From: Anders Johansson <andjoh@xxxxxxxxxxxxxxxxxxxxx>
  • Date: Thu, 28 Feb 2002 23:13:58 +0100
  • Message-id: <200202282313.58587.andjoh@xxxxxxxxxxxxxxxxxxxxx>
On Thursday 28 February 2002 15:41, Boris Lorenz wrote:
> Yup,
>
> snort has a command-line option -p, which disables promiscuous mode
> sniffing. Are you sure you haven't used this option, maybe accidentally?

Yep, I'm sure. I saw notices in var/log/messages that said the interface went
into promiscuous mode, and I tested with tcpdump -i eth0.

I've now tested on a machine that had a fresh install with no connection to
the internet and it exhibits the same behaviour (which calmed my nerves
somewhat :). All three machines had the 8139too driver, so right now I'm
thinking it's a bug in that driver, that it never updates the proper fields
in the control structure or something.

//Anders

< Previous Next >