NSLU2-Linux
view · edit · print · history

HowTo.DisablePromiscuousNetworkMode History

Hide minor edits - Show changes to markup

April 16, 2008, at 01:46 AM by Avend --
Changed lines 1-2 from:

Unslung (or maybe Linksys originally) setup the network to run in promiscuous mode. According to Tiersten on IRC this is due to /usr/sbin/download. If you are as uncomfortable with the possibility of having a sniffer on your network as I am you can disable promiscous mode:

to:

Unslung (or maybe Linksys originally) setup the network to run in promiscuous mode. According to Tiersten on IRC this is due to /usr/sbin/download. If you are as uncomfortable with the possibility of having a sniffer on your network as I am you can disable promiscuous mode:

Changed lines 19-22 from:

Important: If you kill /usr/sbin/download then the Sercomm upgrade utility will not work unless you restart it. If you've permanently disabled /usr/sbin/download and can't reenable it then the only way to upgrade with newer Unslung versions is to telnet into RedBoot.

to:

Important: If you kill /usr/sbin/download then the Sercomm upgrade utility will not work unless you restart it. If you've permanently disabled /usr/sbin/download and can't reenable it then the only way to upgrade with newer Unslung versions is to telnet into RedBoot.

---NOTE: Promiscuous mode is not a security 'weakness'. It just means that the network adapter will not discard packets destined for a different MAC address. Normally these packets will be rejected at the hardware level because the OS shouldn't really care about them if it's not operating as a router. All this modification does is force the discarding of non-local destined packets down to the hardware to manage instead of letting them get into the OS.

Restore
June 22, 2005, at 03:25 PM by tman --
Changed lines 1-2 from:

Unslung (or maybe Linksys originally) setup the network to run in promiscuous mode. According to Tiersten on irc this is due to /usr/sbin/download. If you are as uncomfortable with the possibility of having a sniffer on your network as I am you can disable promiscous mode:

to:

Unslung (or maybe Linksys originally) setup the network to run in promiscuous mode. According to Tiersten on IRC this is due to /usr/sbin/download. If you are as uncomfortable with the possibility of having a sniffer on your network as I am you can disable promiscous mode:

Changed lines 17-19 from:

Note: I killed the /usr/sbin/download process. If you run download again it will set the network back to promiscuous mode.

to:

Note: I killed the /usr/sbin/download process. If you run download again it will set the network back to promiscuous mode.

Important: If you kill /usr/sbin/download then the Sercomm upgrade utility will not work unless you restart it. If you've permanently disabled /usr/sbin/download and can't reenable it then the only way to upgrade with newer Unslung versions is to telnet into RedBoot.

Restore
November 05, 2004, at 08:10 PM by alexr --
Changed lines 1-17 from:

Describe DisablePromiscuousNetworkMode here.

to:

Unslung (or maybe Linksys originally) setup the network to run in promiscuous mode. According to Tiersten on irc this is due to /usr/sbin/download. If you are as uncomfortable with the possibility of having a sniffer on your network as I am you can disable promiscous mode:

/var/log/messages before:

Nov 4 00:42:42 klogd: ixp425_eth: ixp0: Entering promiscuous mode
Nov 4 00:42:42 klogd: device ixp0 entered promiscuous mode

Disable promiscuous mode:

# ifconfig ixp0 -promisc

/var/log/messages after:

Nov 5 02:42:42 klogd: ixp425_eth: ixp0: Leaving promiscuous mode
Nov 5 02:42:42 klogd: device ixp0 left promiscuous mode

Note: I killed the /usr/sbin/download process. If you run download again it will set the network back to promiscuous mode.

Restore
view · edit · print · history · Last edited by Avend.
Based on work by tman.
Originally by alexr.
Page last modified on April 16, 2008, at 01:46 AM