On Sat, May 24, 2003 at 04:07:18PM +0200, Cristian Ionescu-Idbohrn wrote:
> Hi,
(...)
> This is the sid distributed package:
>
> ,
> | Package: iproute
> | Maintainer: Juan Cespedes <[EMAIL PROTECTED]>
> | Version: 20010824-9
> `
(...)
>
> Does anyone know of any particular reason why the
On Sat, May 24, 2003 at 04:07:18PM +0200, Cristian Ionescu-Idbohrn wrote:
> Hi,
(...)
> This is the sid distributed package:
>
> ,
> | Package: iproute
> | Maintainer: Juan Cespedes <[EMAIL PROTECTED]>
> | Version: 20010824-9
> `
(...)
>
> Does anyone know of any particular reason why the
In article <[EMAIL PROTECTED]>
[EMAIL PROTECTED] writes:
>Yes, more expensive switches will have support for VLANs, which you
>can use to segment broadcast domains.
You don't need cisco, most (but not all) managed switches can do
vlans. Linksys has one with the features, but they can't manage to
Hi,
This might be just marginally security related, but here it goes.
Got curious about this and looked around. Checked ifconfig and ip
(iproute2).
,
| # ifconfig eth1
| eth1 Link encap:Ethernet HWaddr 00:80:c8:ca:4e:96
| UP BROADCAST RUNNING MTU:1500 Metric:1
`
Yes, I
Saturday, May 24, 2003, 9:01:01 AM, debian-security@lists.debian.org
(debian-security) wrote:
Ian> Thanks for that. I have cheap netgear switch at the moment connected to one
Ian> of the network's hubs. If
Ian> I invested in an expensive switch (like cisco or something) that could go
to
Ian> low
> tethereal -n not tcp port 22
Yep all I see is APR requests and Name queries now. I was using ssh at the
time!
> Are you sure it's not? Of course being connected on a big network you
> will receive plenty of junk, specialy as your broadcast domain seems
> quite big. Any machine looking for an o
Le sam 24/05/2003 à 00:24, Ian Goodall a écrit :
> >Try using tcpdump to investigate the problem. Make sure you use the
> >'-p' flag to tcpdump to tell it not to set the interface into
> >promiscuous mode. Something like
> ># tcpdump -i eth0 -p -n
>
>
>Try using tcpdump to investigate the problem. Make sure you use the
>'-p' flag to tcpdump to tell it not to set the interface into
>promiscuous mode. Something like
># tcpdump -i eth0 -p -n
I have no idea what all the output means. Below is an extract from the
ou
>Try using tcpdump to investigate the problem. Make sure you use the
>'-p' flag to tcpdump to tell it not to set the interface into
>promiscuous mode. Something like
># tcpdump -i eth0 -p -n
I have no idea what all the output means. Below is an extract from the
ou
> What's the other end of your ethernet cable plugged into?
A switch. This is what is confusing me. Its a very cheap netgear switch so
it is probably sending out all the packets any way...
You probably don't want to shut multicast off.
Try using tcpdump to investigate the problem. Make sure you use the
'-p' flag to tcpdump to tell it not to set the interface into
promiscuous mode. Something like
# tcpdump -i eth0 -p -n
noah
--
_
On Fri, 23 May 2003, Ian Goodall wrote:
> I have premoved promiscuous mode from my card. When checking ifconfig (eth0)
> I am still getting all the network traffic flowing through my computer or at
> least a lot of it. The system is sitting idle and I can see the traffic
> going up
> I have not got multicast enabled either so I don't know what is causing
this...
Oops looks like I have guys. I have read man 8 ifconfig but it will still
not switch off. Is this what is causing it?
The output from ifconfig is:
eth0Link encap:Ethernet HWaddr
inet addr:172.16.5.
I have premoved promiscuous mode from my card. When checking ifconfig (eth0)
I am still getting all the network traffic flowing through my computer or at
least a lot of it. The system is sitting idle and I can see the traffic
going up a few meg a minute with no one accessing it. I have re
On Fri, May 23, 2003 at 01:32:36AM +0100, Ian Goodall wrote:
> A while ago I installed snort on my debian woody box. After removing snort
> the card is still stuck in promiscuous mode. How can I stop this? If it
> helps my network is a FA310tx running on a tulip driver.
man 8 ifconf
A while ago I installed snort on my debian woody box. After removing snort
the card is still stuck in promiscuous mode. How can I stop this? If it
helps my network is a FA310tx running on a tulip driver.
Thanks
On Fri, Mar 16, 2001 at 10:27:23PM -0600, JonesMB wrote:
>
> >Hi, Are you sure that this machine wasn't compromised ???
>
> this line made me wonder about what the correct output of ifconfig should
> be. I assume that if I am not listening on the port, the PROMISC entry
> should not be reporte
On Fri, Mar 16, 2001 at 10:27:23PM -0600, JonesMB wrote:
> Is there any reason for eth0 to be showing PROMISC all the time or is this
Some apps put the card into promisc mode and do not turn off promisc
when you exit.
Hi, Are you sure that this machine wasn't compromised ???
this line made me wonder about what the correct output of ifconfig should
be. I assume that if I am not listening on the port, the PROMISC entry
should not be reported in ifconfig. I should only see PROMISC if I am
running tcpdump,
On Fri, Mar 16, 2001 at 10:27:23PM -0600, JonesMB wrote:
>
> >Hi, Are you sure that this machine wasn't compromised ???
>
> this line made me wonder about what the correct output of ifconfig should
> be. I assume that if I am not listening on the port, the PROMISC entry
> should not be report
On Fri, Mar 16, 2001 at 10:27:23PM -0600, JonesMB wrote:
> Is there any reason for eth0 to be showing PROMISC all the time or is this
Some apps put the card into promisc mode and do not turn off promisc
when you exit.
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscri
>Hi, Are you sure that this machine wasn't compromised ???
this line made me wonder about what the correct output of ifconfig should
be. I assume that if I am not listening on the port, the PROMISC entry
should not be reported in ifconfig. I should only see PROMISC if I am
running tcpdump,
22 matches
Mail list logo
