I use a small util called "promisc" which shows whether or not a sniffer is currently in use on a system. Whenever I run statnet, tcpdump, or anything else which shows raw eth0 in/output, the proggy says that a sniffer has been detected. On one machine, when I quit using tcpdump, the program reports that a sniffer is not detected (which makes sense, since it's no longer reading from eth0.) On another, it continues to report that a sniffer is in place. With statnet, both machines report that a sniffer has been detected though I've exited the program. The only way to fix this is I've found is to reboot the machine (which isn't exactly a great way of going about it.) Any ideas what might be causing this, or is it a bug in the promisc software, or possibly just something strange with my ethernet card? Or, if there's a way I could force the machine to "reset" whatever value is causing it to report that it is being sniffed? = Jason Soros = = Assistant System Administrator http://www.laker.net/ = = Laker Information Systems http://www.laker.net/jason = = [EMAIL PROTECTED] [EMAIL PROTECTED] http://wizard.laker.net/ = = Why Drive When You Can Fly? = = Sales: 1-888-LAKERNET | Tech Support: 954-359-3670 = -- PLEASE read the Red Hat FAQ, Tips, Errata and the MAILING LIST ARCHIVES! http://www.redhat.com/RedHat-FAQ /RedHat-Errata /RedHat-Tips /mailing-lists To unsubscribe: mail [EMAIL PROTECTED] with "unsubscribe" as the Subject.
