rkhunter warnings on "possible promiscuous interface" and file properties checks
 

Hello
Recently i ran rkhunter after an update on my F10 and got couple of warnings of file properties checks and primarily " promiscuous interface warning"..After googling for a while i came to know that the update has caused the warnings on file properties checks .But I cant find anything relevant to promiscuous interface warnings..

This is the warning i got
>>>>Performing checks on the network interfaces
[17:25:24] Info: Starting test name 'promisc'
[17:25:24] Checking for promiscuous interfaces [ Warning ]
[17:25:24] Warning: Possible promiscuous interfaces:
[17:25:24] 'ifconfig' command output: UP BROADCAST RUNNING PROMISC MULTICAST


>>>>>What does this warning indicate ?Are these warning serious? How To rectify them? Any help would be appreciated...

Thanks In Advance To all

I hope you run 1.3.4 because that's the current version?


Verifying changes are legitimate then running 'rkhunter --propupd' should make RKH update its database.


Running RKH it clearly says if you've got questions that can't be solved by reading the docs or the FAQ you should check the rkhunter-users mailing list and archive at Sourceforge.


It indicates a network device has entered promiscuous mode. Promiscuous mode means the network device will be able to see traffic that's not destined for it. Applications may use packet capturing for finding "bad" traffic or traffic statistics.

Running Chkrootkit's 'ifpromisc' (caveat emptor) or these commands from root's Bash shell might give more insight: