Re: snooper watchers

Charles Stephens (cfs@emory.edu)
Thu, 23 Feb 1995 19:04:16 -0500

On Feb 22, 10:53pm, Casper Dik (casper@fwi.uva.nl) wrote:
> Subject: Re: snooper watchers
>
> > I'm doing some work for a client who has had some suggestions that they
> > run a program to watch the state of ifconfig, and send mail if the
> > interface ever goes promiscuous.  This works just fine under SunOS 4.x,
> > however, their concern is that this does not appear to work for Solaris 2.x.
> > I have noticed that snoop in promiscuous mode does not affect the
> > status from ifconfig, so the current method for looking for a
> > promiscuous interface won't do them any good.  I'll be looking into
> > this, but I figured I'd ask here to see if anyone has done something
> > like this.  (I haven't seen a snooper for 2.x like the SunOS one, but with
> > tools like snoop, I assume that one is in the works someplace.)
>
>
> What works under Solaris 2.x is using lsof on the network pseudo
> devices.  It will show you all the snoopers, but not whether the
> interface is promiscuous or not.  The same method also works under
> SunOS 4.1.x.
>
> BTW, snoopers for Solaris 2.x do exist and are out there.
>
> Casper
>-- End of excerpt from Casper Dik

Like /usr/sbin/snoop?  :}

cfs



-- 
/-------------------\  Charles "Cyber-Buddah" Stephens
| HELLO, my name is |  UNIX Systems Administrator
|-------------------|  Network Systems/Open Systems Group,
|  cfs@emory.edu    |  Information Technology Division,
| Charles Stephens  |  Emory University, Atlanta, Georgia, USA
|                   |  "You shall soon achieve perfection."  -Fortune Cookie
\-------------------/     http://userwww.service.emory.edu/~cfs
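
An added example, not part of the original messages: one way to script the lsof check Casper describes, reporting every process that holds a network pseudo-device open unless its command is on an allowlist. The device paths, the allowlist entry and the function names are assumptions, and the sample input is constructed.

```sh
#!/bin/sh
# Added example: list processes holding a network pseudo-device open.
# As the post notes, this shows who has the device open, not whether the
# interface is promiscuous.

# Assumed device paths (not from the post); adjust for the local system.
NETDEVS="${NETDEVS:-/dev/le /dev/ie /dev/nit}"
# Assumed allowlist of commands expected to hold these devices open.
ALLOW="${ALLOW:-in.rarpd}"

# Read `lsof -F pcn` field output on stdin and print "pid command device"
# for every open device whose command is not on the allowlist.
report_holders() {
    awk -v allow="$ALLOW" '
        BEGIN { n = split(allow, a, " "); for (i = 1; i <= n; i++) ok[a[i]] = 1 }
        /^p/ { pid = substr($0, 2); cmd = "?" }   # start of a new process set
        /^c/ { cmd = substr($0, 2) }              # command name for that process
        /^n/ { if (!(cmd in ok)) print pid, cmd, substr($0, 2) }
    '
}

# Constructed sample of `lsof -F pcn` output (not captured from a real host).
sample_lsof_output() {
    cat <<'EOF'
p214
cin.rarpd
f3
n/dev/le
p1907
csnoop
f4
n/dev/le
p2311
ca.out
f5
n/dev/le
EOF
}

# Run lsof against whichever of the assumed device nodes exist on this host.
check_live() {
    devs=""
    for d in $NETDEVS; do
        if [ -e "$d" ]; then devs="$devs $d"; fi
    done
    [ -n "$devs" ] || return 0
    lsof -F pcn $devs 2>/dev/null | report_holders
}

if [ "${1:-}" = "--live" ]; then check_live; fi
```

Run from cron with `--live`, any output line is a process to investigate and can be mailed to the administrator.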