[Bug 166255] [net] [patch] It should be possible to disable "promiscuous mode enabled" messages

Kevin Oberman rkoberman at gmail.com
Mon May 23 16:23:32 UTC 2016


On Mon, May 23, 2016 at 2:54 AM, <bugzilla-noreply at freebsd.org> wrote:

> https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=166255
>
> --- Comment #13 from borjam at sarenet.es ---
> (In reply to eugen from comment #10)
>
> Would be better to make it a loader only tunable, and read only at run
> time, indeed!
>

+1

The knowledge that an interface is being set to promiscuous mode is very
important for security. Allowing it to be changed on a running system, where
that change is likely to go unnoticed, leaves you unaware that your network
is being snooped via a compromised system.

While I don't like the idea of hiding these messages at all and think
dealing with the issue through syslog.conf more appropriate, at least don't
let the setting be changed on a running system!
--
Kevin Oberman, Part time kid herder and retired Network Engineer
E-mail: rkoberman at gmail.com
PGP Fingerprint: D03FB98AFA78E3B78C1694B318AB39EF1B055683

