Date: Wed, 8 Dec 1999 00:58:23 -0500 (EST) From: Matt Gostick <matt@crazylogic.net> To: freebsd-security@freebsd.org Subject: ethernet promiscuous mode. Message-ID: <Pine.BSF.4.10.9912080049330.68943-100000@thunk.crazylogic.net>
next in thread | raw e-mail | index | archive | help
I looked in logs tonight and found this wierd entry tonight: Dec 7 23:36:37 thunk /kernel: vr0: promiscuous mode enabled At the time two other users where ssh'd in but where idle for quite some time. It is my understanding that promiscuous mode is used for sniffers so they can capture all packets... Is there any other reason why my ethernet card would go into promiscuous mode without root (me) telling it to? Or is it more probable that someone hacked root and is sniffing other machines on the network from my box? 30 minutes later when I did ifconfig -a the vr0 device was not in PROMISC mode... Thanks for any input, Matt. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.4.10.9912080049330.68943-100000>