Date:      Wed, 11 Dec 1996 17:04:36 +1030 (CST)
From:      Michael Smith <msmith@atrad.adelaide.edu.au>
To:        softweyr@xmission.com (Wes Peters)
Cc:        msmith@atrad.adelaide.edu.au, security@freebsd.org
Subject:   Re: Risk of having bpf0? (was URGENT: Packet sniffer found on my system)
Message-ID:  <199612110634.RAA22676@genesis.atrad.adelaide.edu.au>
In-Reply-To: <199612110627.XAA00240@obie.softweyr.com> from Wes Peters at "Dec 10, 96 11:27:12 pm"

Wes Peters stands accused of saying:
> 
> Better yet, get some sort of sniffer package to run on another system.
> We use Ether Peek for Macintosh and Win95 at work, both seem to work
> well.  In addition to *not* opening up your important machines to hack
> attacks, such a tool will also let you look at non-IP activity, bare
> ethernet activity, and let you examine the output of a machine that
> seems to be going sick in the ether adapter.

Tcpdump does all this and lots more; the filter language is pretty powerful.

The fact that it knows how to interpret lots of protocols and that you
can extend it (courtesy of the source and an easy internal interface)
puts it over anything else I've seen yet.

> Wes Peters                                                       Softweyr LLC

-- 
]] Mike Smith, Software Engineer        msmith@gsoft.com.au             [[
]] Genesis Software                     genesis@gsoft.com.au            [[
]] High-speed data acquisition and      (GSM mobile)     0411-222-496   [[
]] realtime instrument control.         (ph)          +61-8-8267-3493   [[
]] Unix hardware collector.             "Where are your PEZ?" The Tick  [[


