Subject: Re: a remote user can check promiscuous mode
To: Matthias Drochner <M.Drochner@fz-juelich.de>
From: Andrew Brown <atatat@atatdot.net>
List: tech-net
Date: 01/19/2000 15:29:02
>> > >We better keep this specialized.
>> > 
>> > ether_input() then? 
>> 
>> Uhm... yes, I guess so.
>
>This issue was discussed not too long ago, and it was stated that
>there are network chips which tell whether an incoming packet
>came in due to an exact match or multi/broadcast - even in
>promiscuous mode. Would be a waste to ignore this.

my issue was not with whether the card is cognizant of
{uni,multi,broad}cast packets (or anycast, hello ipv6), but rather
where the hardware layer address is checked vs. the ip layer address
for sanity.

the problem as i understood it was that a packet with a unicast
hardware address (not of my machine) but a broadcast ip address (no,
not normal, but certainly manufacturable, and certainly matching me)
will (a) be picked up by the card, (b) passed up to the upper layers
and (c) responded to (ie, an icmp echo reply).

if the result is that a reply will be sent from your machine when it
(or, more properly, it's nic) is in promiscuous mode, then i say
that's "wrong"(tm).

-- 
|-----< "CODE WARRIOR" >-----|
codewarrior@daemon.org             * "ah!  i see you have the internet
twofsonet@graffiti.com (Andrew Brown)                that goes *ping*!"
andrew@crossbar.com       * "information is power -- share the wealth."