CROND[17991]: (root) CMD ( /usr/share/msec/promis c_check.sh) Having it logged every minute is really a bit overkill. Could it not be reimplemented as separate daemon that checks and logs only when promiscuous is really detected?
Besides, really amusing, in promiscuous_check.sh:
if tail /var/log/security.log | grep -q "promiscuous"; then
# Dont flood with warning.
exit 0
fi
Well well :)
-andrej
