The server I'm using wireshark on has two NICs.
I put NIC0 on the LAN side which is how I remotely manage the server.
I put NIC1 on a hub just before the firewall so that I can see all public traffic before it hits the firewall.
On NIC1, I do not have any IP assigned which is on my lan but have 169.254.1.2 on it.
From what I understand, the NIC goes into promiscuous mode when wireshark and other network monitoring software fires up to use that NIC.
What I wondered about was, just now safe is it to have that NIC on the public side?
Thanks.