Re: just running tcpdump makes promisc mode?

From: Craig Van Tassle (cvantassle_at_idealsystems.com)
Date: 06/24/04

  • Next message: mortar: "Counting p2p traffic."
    Date: Thu, 24 Jun 2004 10:17:58 -0400
    
    

    As I recall, they use IOCTL() to change the device to Promiscuous mode.
     That may be the reason why they are not showing as promiscuous when you
    see the results of an ifconfig.

    I may be wrong though. I don't have my Stevens book on me at the moment.

    Craig

    Monty Ree wrote:

    > Hello, all.
    >
    > I have operated redhat linux 7.x whcih kernel is 2.4.26. When I run
    > tcpdump or snort, the dmesg is seen like below.
    >
    > "device eth0 entered promiscuous mode"
    >
    > and when I stop tcpdump or snort, the dmesg is seen like below.
    >
    > "device eth0 left promiscuous mode"
    >
    > But I can't find PROMISC message when I execute ifconfig while tcpdump
    > or snort.
    >
    > Why the result of the dmesg and ifconfig is different?
    >
    >
    >
    > Thanks in advance.
    >
    > _________________________________________________________________
    > MSN Messenger를 통해 온라인상에 있는 친구와 대화를 나누세요.
    > http://messenger.msn.co.kr

    -- 
    Craig Van Tassle
    Ideal Systems, INC
    Network Administrator
    Toll-Free:(888)308-9888
    Mobile: (224)659-0796
    Email: Cvantassle@idealsystems.com
    

  • Next message: mortar: "Counting p2p traffic."

    Relevant Pages