Re: device eth0 entered promiscuous mode

From: Harky (harky_at_nowhere.com)
Date: 09/27/03 

Date: Sat, 27 Sep 2003 06:04:06 GMT

"Robert" wrote...
> I reviewed the logs and it was from my account and my usual IP address
> during a time that I am normally in the office. Strange that I can't
recall
> more of the occasion of why I decided to go into promiscuous mode.
<snip>

I believe arpwatch also goes into prom mode. Perhaps you ran that?

Dann

Relevant Pages

  • Re: device eth0 entered promiscuous mode
    ... > I reviewed the logs and it was from my account and my usual IP address ... > more of the occasion of why I decided to go into promiscuous mode. ... Dann ...
    (comp.os.linux.security)
  • RE: Trace of 139 attack?
    ... Subject: Trace of 139 attack? ... The Administrator account can be locked out if too many ... deleting the logs he cannot do it. ...
    (Focus-Microsoft)
  • Re: FW: Trace of 139 attack?
    ... /complex—Forces passwords to have a mixture of upper ... > the admin account on local logins (physical security ... >> deleting the logs he cannot do it. ... >> ur Server ur logs will ...
    (Focus-Microsoft)
  • RE: Securty Audit Correlating
    ... exporting both(events and tickets) to a SQL/Access DB ... > viewer logs, so you can set filters for specific ... >>Currently we are outsourcing our account creation, ... >>After that generate a report. ...
    (Focus-Microsoft)
  • Re: Terminal Services Kiosk
    ... the locked-down account is the Active Directory account in ... the desktops, not the local accounts in the TS server. ... programs or kill the RD session? ... So one user logs in to the workstation ...
    (microsoft.public.windows.terminal_services)