Date: Wed, 11 Dec 1996 18:15:25 +1030 (CST) From: Michael Smith <msmith@atrad.adelaide.edu.au> To: pete@sms.fi (Petri Helenius) Cc: taob@io.org, freebsd-security@freebsd.org Subject: Re: Risk of having bpf0? (was URGENT: Packet sniffer found on my system) Message-ID: <199612110745.SAA23084@genesis.atrad.adelaide.edu.au> In-Reply-To: <199612110716.JAA01999@silver.sms.fi> from Petri Helenius at "Dec 11, 96 09:16:58 am"
next in thread | previous in thread | raw e-mail | index | archive | help
Petri Helenius stands accused of saying: > Brian Tao writes: > > What are people's feelings on enabling devices like bpf or snp > > in the kernel on a public server? Obviously, had I not compiled bpf > > into the shell and Web server kernels, this particular incident would > > never have happened. However, I like to have access to tcpdump to > > check for things like ping floods, and trafshow to see where bytes are > > being sent. > > > I think one consideration here is that to run some of the desired > functionality, like dhcpd, you need to have them. Not on a _shell_server_ you don't. If you're in the business of offering shell access (which is fortunately becoming rarer), your shell machines need to be _watertight_, which normally involves removing just about everything. > Pete -- ]] Mike Smith, Software Engineer msmith@gsoft.com.au [[ ]] Genesis Software genesis@gsoft.com.au [[ ]] High-speed data acquisition and (GSM mobile) 0411-222-496 [[ ]] realtime instrument control. (ph) +61-8-8267-3493 [[ ]] Unix hardware collector. "Where are your PEZ?" The Tick [[
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199612110745.SAA23084>