Date: Wed, 11 Dec 1996 12:12:06 -0500 From: jc@irbs.com (John Capo) To: freebsd-security@freebsd.org Subject: Re: Risk of having bpf0? (was URGENT: Packet sniffer found on my system) Message-ID: <Mutt.19961211121206.jc@irbs.com> In-Reply-To: <199612110432.UAA10905@root.com>; from David Greenman on Dec 10, 1996 20:32:02 -0800 References: <199612110353.OAA21602@genesis.atrad.adelaide.edu.au> <199612110432.UAA10905@root.com>
next in thread | previous in thread | raw e-mail | index | archive | help
Quoting David Greenman (dg@root.com): > > I made the mistake of putting bpf in freefall's kernel a long time ago and > forgot it was in there. Someone eventually took advantage of that and used it > to sniff passwords at Walnut Creek CDROM. This led to a serious break-in on > wcarchive. Needless to say, bpf is no longer in freefall's kernel. It was Are you saying that there is a way for a normal user to use bpf when permissions should prevent access? crw------- 1 root wheel 23, 0 Sep 13 17:34 /dev/bpf0 Or were the permissions wrong on freefall? John Capo
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Mutt.19961211121206.jc>