Re: [redhat-lspp] [PATCH] promiscuous mode
Steve Grubb wrote:
On Monday 05 December 2005 10:16, Linda Knippers wrote:
>Why these three?
Because quota and rlimit events represent violations of system resource usage
policy set forth by the administrator.
They aren't really violations of a policy because the operation didn't
succeed. Its really a case of someone bumping into a resource limit.
Isn't that why for quotas the message just goes to the user's tty
rather than to syslog?
I want promiscuous mode because that
means the user is now capable of sniffing passwords and other important
traffic.
I'd want to know of some other system on my network went into
promiscuous mode, but that system probably isn't being being
audited. :-)
-- ljk
-Steve