Yes tcpdump depends on libpcap. You need libpcap if you have tcpdump (and most other sniffers like snort, ethereal).
On 10/12/06, Dennis Borkhus-Veto <[EMAIL PROTECTED]> wrote:
Would the tcpdump command? -----Original Message----- From: [email protected] <[email protected]> To: [email protected] <[email protected]> Sent: Thu Oct 12 18:49:54 2006 Subject: [ossec-list] Re: Ossec and nagios? I got the same message running etherape on my Linux box. I would guess that any sniffer would cause the same output. Meir Michanie wrote: > that could be related to snort, it is not related to nagios for sure. > > > On 10/13/06, Dennis Borkhus-Veto <[EMAIL PROTECTED]> wrote: >> >> I have been working on setting up a program called nagios on the same >> server as ossec and now I recdieved the folllowing error and am not >> sure if >> it is related. >> >> OSSEC HIDS Notification. >> 2006 Oct 12 11:58:27 >> >> Received From: HULK->/Raid/Log/messages >> Rule: 5104 fired (level 8) -> "Interface entered in promiscuous(sniffing) >> mode." >> Portion of the log(s): >> >> kernel: device eth0 entered promiscuous mode >> >> >> Dennis >> > -- Brian Avis SEARHC Medical Clinic Juneau, AK 99801 (907) 463-4049 Have a nice diurnal anomaly!
