Date: Wed, 11 Dec 1996 23:24:35 -0800 (PST)
From: batie@agora.rdrop.com (Alan Batie)
To: imp@village.org (Warner Losh)
Cc: pete@sms.fi, taob@io.org, freebsd-security@freebsd.org
Subject: Re: Risk of having bpf0? (was URGENT: Packet sniffer found on my system)
Message-ID: <m0vY5VU-0008uqC@agora.rdrop.com>
In-Reply-To: <E0vY4ht-0005F8-00@rover.village.org> from "Warner Losh" at Dec 11, 96 11:33:21 pm

If I read your response correctly, you're saying that some services you use require bpf, and because of that, are a weak spot in your security that you don't think should be necessary? I can understand that point, although I think that one always has administrative systems that are going to be sweet targets because of what they gain when compromised (e.g. accounting servers) and which need to be robustly secured.

Perhaps there's a better way to implement rarpd and dhcpd than bpf, but I suspect (I'm no network programming expert) it would mean a new system interface specifically to receive broadcast packets. That's pretty ugly... IPv6 eliminates broadcasts entirely, replacing them with multicasts, which have a much safer mechanism for reception. That's not an immediately available option though :-)

-- 
Alan Batie                     ______    batie@agora.rdrop.com
                               \    /    Assimilate this!
+1 503 452-0960                 \  /     --Worf, First Contact
DE 3C 29 17 C0 49 7A 27          \/
40 A5 3C 37 4A DA 52 B9

It is my policy to avoid purchase of any products from companies which
use unrequested email advertisements or telephone solicitation.