Re: Disabling Promisc mode,

Olaf Titz (olaf@bigred.inka.de)
Thu, 28 May 1998 11:57:49 +0200

Messages sorted by: [ date ][ thread ][ subject ][ author ]
Next message: J.E.J. op den Brouw: "Card for displaying monitor screen"
Previous message: David Woodhouse: "Re: BTTV & video4linux questions"

> > This is impossible through software. If a user gains root
> > access, and if the NIC has a promiscuous mode which is software
> > selectable, then that user can put the NIC into promiscuous mode.
> > Proof is left as an Exercise for the Reader.
> I think the idea is to disable this mode within the kernel and
> not leave the kernel source laying around within the machine. That
> way, even root can't get raw promiscous packets.

Then root writes a small C program that does the necessary I/O
operations from user space. That's the "Proof left..." part.
This could perhaps be disabled by securelevel settings, but not for
ordinary Un*xoid operations.

olaf

-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.rutgers.edu

Next message: J.E.J. op den Brouw: "Card for displaying monitor screen"
Previous message: David Woodhouse: "Re: BTTV & video4linux questions"