Alvaro Zuniga <[EMAIL PROTECTED]> writes: > Dear Friends: > After John requested some help for his smoothwall project and considering > that > his recommendation for software solutions is always respected, I decided to > give it a shot. > > I have had a Slackware box with 100MHz running as a IPMasq machine for a > quite > a while. As I write I just thought about checking the uptime but too late. It > is gone! Anyhow, my newly installed Smoothwall Box seems to be doing a great > job. I will not even have to setup the DNS Caching server because thankfully > it has one. I remmember I spent days to setup DNS and I never quite > understood the process. > > Anyway my question is why is the Internet interface card in Promiscuous mode? > For what I have read in the past in Maximum Linux Security this mode is to > scan all packets into the card. Why is this necessary? I also remember > reading that it is possible for a network administrator to detect when a card > is in this mode. Would I be in trouble with Cox if they catch me with a card > in this mode?
If Smoothwall is running snort or some other Network Intrusion software, then your card would be in promisc mode. That's because snort and other NIDs are packet sniffers. -- Scott Harney<[EMAIL PROTECTED]> "...and one script to rule them all."
