Re: promiscuous eth0
Jeff,
It can potentially slow your machine down somewhat, as now the kernel has
to handle each and every frame transmitted on the network eth0 is attached
to, rather than only the ones addressed to your machine and
broadcasts. Quite a lot of load if your system isn't addressed much on a
high-traffic LAN.
Also, paranoid network administrators might be a little upset by it, since
Linux sends out a frame indicating it is switching into (or out
of) promiscuous mode. This is possible evidence that you're running a
sniffer of some kind (such as snort).
It seems quite strange that your PCMCIA network card doesn't function
properly unless promiscuous mode is enabled. This is not normal behavior,
and should be investigated as a technical difficulty.
Regards,
Alex.
---
PGP/GPG Fingerprint:
EFD1 AC6C 7ED5 E453 C367 AC7A B474 16E0 758D 7ED9
-----BEGIN GEEK CODE BLOCK-----
Version: 3.12
GCS/CM>CC/IT d- s:+ a16 C++(++++)>$ UL++++>$ P--- L++>++$ E+ W+(-) N+ o? K? w---()
!O !M !V PS+(++)>+ PE-(--) Y+>+ PGP t+>++ !5 X-- R>++ tv(+) b+(++) DI(+) D++
G>+++ e--> h! !r y>+++
------END GEEK CODE BLOCK------
On Fri, 2 Mar 2001, Jeff Coppock wrote:
> I recently install snort on my laptop to check it out and now my pcmcia network card will pass IP only when snort is running (daemon mode or not), or I have to put my network card in promiscuous mode [#ifconfig eth0 -promisc].
>
> I can't find any configuration that is obvious to me that would cause this, but I'm an intermediate linux user. Any suggestions on where to look and what to look for?
>
> Also, are what problems might using promiscuous mode cause?
>
> thanks,
> jc
>
>
> --
> To UNSUBSCRIBE, email to debian-security-request@lists.debian.org
> with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
>
Reply to: