Is there any security risk associated with a NIC's promiscuous mode
while running tcpdump and/or arpwatch?
Thanks,
John
--
John Conover, [EMAIL PROTECTED], http://www.johncon.com/
___
freebsd-questions@freebsd.org mailing list
http
John Conover wrote:
Is there any security risk associated with a NIC's promiscuous mode
while running tcpdump and/or arpwatch?
A mild one. For example, I believe there was recently a security bug in
tcpdump's string handling which could be exploited by tcpdump seeing a
maliciously-crafted
John Conover wrote:
[ ... ]
A mild one. For example, I believe there was recently a security bug in
tcpdump's string handling which could be exploited by tcpdump seeing a
maliciously-crafted packet. Running the NIC in promisc mode means that packet
just has to go by, rather than being sent
On Fri, 7 Oct 2005, John Conover wrote:
Is there any security risk associated with a NIC's promiscuous mode
IF you're on a switched LAN, you'll only see traffic destined for MACs
that the switched has learned on your port (your NICs), plus
multi/broadcast.
Unless you configure switch
On 10/7/05, Chuck Swiger [EMAIL PROTECTED] wrote:
A mild one. For example, I believe there was recently a security bug in
tcpdump's string handling which could be exploited by tcpdump seeing a
maliciously-crafted packet. Running the NIC in promisc mode means that packet
just has to go by,