Date: Wed, 11 Dec 1996 07:40:38 -0800 From: Cy Schubert <cy@cwsys.cwent.com> To: Brian Tao <taob@io.org> Cc: FREEBSD-SECURITY-L <freebsd-security@freebsd.org> Subject: Re: Risk of having bpf0? (was URGENT: Packet sniffer found on my system) Message-ID: <199612111540.HAA03824@cwsys.cwent.com> In-Reply-To: Your message of "Tue, 10 Dec 1996 21:58:09 EST." <Pine.BSF.3.95.961210215417.9494P-100000@nap.io.org>
next in thread | previous in thread | raw e-mail | index | archive | help
> What are people's feelings on enabling devices like bpf or snp
> in the kernel on a public server? Obviously, had I not compiled bpf
> into the shell and Web server kernels, this particular incident would
> never have happened. However, I like to have access to tcpdump to
> check for things like ping floods, and trafshow to see where bytes are
> being sent.
You're better of putting these tools and enabling the kernel for them on
another machine on the network.
Regards, Phone: (604)387-8437
Cy Schubert OV/VM: BCSC02(CSCHUBER)
Open Systems Support BITNET: CSCHUBER@BCSC02.BITNET
ITSD Internet: cschuber@uumail.gov.bc.ca
cschuber@bcsc02.gov.bc.ca
"Quit spooling around, JES do it."
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199612111540.HAA03824>