Why is my ethernet interface in promiscuous mode
- by nhed
I read that seeing a flag of M in netstat -i is the way to tell which of your interfaces is in promiscuous mode
I run it and I see that eth1 is in promiscuous mode
$ netstat -i
Kernel Interface table
Iface MTU Met RX-OK RX-ERR RX-DRP RX-OVR TX-OK TX-ERR TX-DRP TX-OVR Flg
eth1 1500 0 1770161198 0 0 0 57446481 0 0 0 BMRU
lo 16436 0 97501566 0 0 0 97501566 0 0 0 LRU
This seems to be the case on all the machines I checked (All Centos6.0, both virtual and physical), any idea why ethernet devices would be in such a mode unless someone was running any pcap based app (sudo lsof | grep pcap shows nothing)?
I did not see any mention of promiscuous in any of the config files (sudo grep -r promis /etc)
Any ideas what puts the interface into that mode and why?
p.s. most of the posts I see seem to be security related, this is not that
