ccruss@pollux (Russ Hobby) (02/21/91)
I picked up NetCure (Netmon) and although it still seems to have a few
bugs to work out, it looks very nice.
However, I managed to break my network after using it. After playing
with Netmon and quiting, I started up KA9Q and went home. I leave KA9Q
running so that I can use my PC in my office as a PPP gateway. After I
left one of the other programmers noted that network was mostly broken
with multiple copies of each packet on the ethernet. He then traced it
to my PC, disconnected my PC from the ethernet and the problem when away.
I assume what happened was that Netmon left the packet driver in promiscuous
mode. When KA9Q was started it received all packets, not just the ones
addresssed to it on the ethernet. Since the IP packets were not for the
PC, KA9Q then forwarded the packets back onto the ethernet. To make matters
worse the PC also received its own packets and forward those too.
Fortunatly it would miss its own packet after a times and stop the chain.
I just wanted to warn others about this possibility.
Russ
Russell Hobby
Data Communications Manager
U. C. Davis
Computing Services INTERNET: rdhobby@ucdavis.edu
Davis Ca 95616 BITNET: RDHOBBY@UCDAVIS
(916) 752-0236 UUCP: ...!ucbvax!ucdavis!rdhobby
out onto the ethernet.etstjan@dutepp0.et.tudelft.nl (Jan van Oorschot) (02/22/91)
ccruss@pollux (Russ Hobby) writes: >I picked up NetCure (Netmon) and although it still seems to have a few >bugs to work out, it looks very nice. >I assume what happened was that Netmon left the packet driver in promiscuous >mode. When KA9Q was started it received all packets, not just the ones >addresssed to it on the ethernet. Since the IP packets were not for the >PC, KA9Q then forwarded the packets back onto the ethernet. To make matters >worse the PC also received its own packets and forward those too. >Fortunatly it would miss its own packet after a times and stop the chain. Your quite right, NetMon doesn't put the packet driver back to normal. I would advise you to remove the packet driver after using NetMon, you can do that with the "termin" utility (see packet-driver package). Put all the commands that start NetMon in a batch file, something like termin 0x7a wd8003e 0x7a 0x3 0x280 0xd000 netmon termin 0x7a KA9Q should configure the packet-driver to it's needs, and disable the promiscuous mode, but we're not all perfect, sorry for the trouble. Jan -- Ir. Jan van Oorschot. --- Email: JPMvOorschot@et.tudelft.nl -- -- Data Network Performance Analysis Project -- -- CARDIT, Delft University of Technology ------------ Tel: (31)-15-786179 -- -- P.O.Box 5031, 2600 GA Delft, The Netherlands ------ Fax: (31)-15-784898 --