In article <[EMAIL PROTECTED]>
[EMAIL PROTECTED] writes:
>Yes, more expensive switches will have support for VLANs, which you
>can use to segment broadcast domains.
You don't need cisco, most (but not all) managed switches can do
vlans. Linksys has one with the features, but they can't manage to
Saturday, May 24, 2003, 9:01:01 AM, debian-security@lists.debian.org
(debian-security) wrote:
Ian> Thanks for that. I have cheap netgear switch at the moment connected to one
Ian> of the network's hubs. If
Ian> I invested in an expensive switch (like cisco or something) that could go
to
Ian> low
> tethereal -n not tcp port 22
Yep all I see is APR requests and Name queries now. I was using ssh at the
time!
> Are you sure it's not? Of course being connected on a big network you
> will receive plenty of junk, specialy as your broadcast domain seems
> quite big. Any machine looking for an o
Le sam 24/05/2003 à 00:24, Ian Goodall a écrit :
> >Try using tcpdump to investigate the problem. Make sure you use the
> >'-p' flag to tcpdump to tell it not to set the interface into
> >promiscuous mode. Something like
> ># tcpdump -i eth0 -p -n
>
> I have no idea what all the output means. Be
>Try using tcpdump to investigate the problem. Make sure you use the
>'-p' flag to tcpdump to tell it not to set the interface into
>promiscuous mode. Something like
># tcpdump -i eth0 -p -n
I have no idea what all the output means. Below is an extract from the
output:
23:17:22.564132 172.16.3
>Try using tcpdump to investigate the problem. Make sure you use the
>'-p' flag to tcpdump to tell it not to set the interface into
>promiscuous mode. Something like
># tcpdump -i eth0 -p -n
I have no idea what all the output means. Below is an extract from the
output:
23:17:22.564132 172.16.3
> What's the other end of your ethernet cable plugged into?
A switch. This is what is confusing me. Its a very cheap netgear switch so
it is probably sending out all the packets any way...
On Fri, May 23, 2003 at 08:32:27PM +0100, Ian Goodall wrote:
> > I have not got multicast enabled either so I don't know what is causing
> this...
>
> Oops looks like I have guys. I have read man 8 ifconfig but it will still
> not switch off. Is this what is causing it?
You probably don't want to
On Fri, 23 May 2003, Ian Goodall wrote:
> I have premoved promiscuous mode from my card. When checking ifconfig (eth0)
> I am still getting all the network traffic flowing through my computer or at
> least a lot of it. The system is sitting idle and I can see the traffic
> going up a few meg a min
> I have not got multicast enabled either so I don't know what is causing
this...
Oops looks like I have guys. I have read man 8 ifconfig but it will still
not switch off. Is this what is causing it?
The output from ifconfig is:
eth0Link encap:Ethernet HWaddr
inet addr:172.16.5.
I have premoved promiscuous mode from my card. When checking ifconfig (eth0)
I am still getting all the network traffic flowing through my computer or at
least a lot of it. The system is sitting idle and I can see the traffic
going up a few meg a minute with no one accessing it. I have re-installed
On Fri, May 23, 2003 at 01:32:36AM +0100, Ian Goodall wrote:
> A while ago I installed snort on my debian woody box. After removing snort
> the card is still stuck in promiscuous mode. How can I stop this? If it
> helps my network is a FA310tx running on a tulip driver.
man 8 ifconfig
Try it, may
On Fri, Mar 16, 2001 at 10:27:23PM -0600, JonesMB wrote:
>
> >Hi, Are you sure that this machine wasn't compromised ???
>
> this line made me wonder about what the correct output of ifconfig should
> be. I assume that if I am not listening on the port, the PROMISC entry
> should not be reporte
On Fri, Mar 16, 2001 at 10:27:23PM -0600, JonesMB wrote:
> Is there any reason for eth0 to be showing PROMISC all the time or is this
Some apps put the card into promisc mode and do not turn off promisc
when you exit.
On Fri, Mar 16, 2001 at 10:27:23PM -0600, JonesMB wrote:
>
> >Hi, Are you sure that this machine wasn't compromised ???
>
> this line made me wonder about what the correct output of ifconfig should
> be. I assume that if I am not listening on the port, the PROMISC entry
> should not be report
On Fri, Mar 16, 2001 at 10:27:23PM -0600, JonesMB wrote:
> Is there any reason for eth0 to be showing PROMISC all the time or is this
Some apps put the card into promisc mode and do not turn off promisc
when you exit.
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscri
16 matches
Mail list logo
