From owner-freebsd-security Wed Sep 15 19:33: 0 1999 Delivered-To: freebsd-security@freebsd.org Received: from rover.village.org (rover.village.org [204.144.255.49]) by hub.freebsd.org (Postfix) with ESMTP id 95E6E1524D for ; Wed, 15 Sep 1999 19:32:57 -0700 (PDT) (envelope-from imp@harmony.village.org) Received: from harmony.village.org (harmony.village.org [10.0.0.6]) by rover.village.org (8.9.3/8.9.3) with ESMTP id UAA75382; Wed, 15 Sep 1999 20:32:56 -0600 (MDT) (envelope-from imp@harmony.village.org) Received: from harmony.village.org (localhost.village.org [127.0.0.1]) by harmony.village.org (8.9.3/8.8.3) with ESMTP id UAA17841; Wed, 15 Sep 1999 20:32:19 -0600 (MDT) Message-Id: <199909160232.UAA17841@harmony.village.org> To: Brett Glass Subject: Re: BPF on in 3.3-RC GENERIC kernel Cc: "Harry M. Leitzell" , security@FreeBSD.ORG In-reply-to: Your message of "Wed, 15 Sep 1999 17:09:23 MDT." <4.2.0.58.19990915170025.048d0b00@localhost> References: <4.2.0.58.19990915170025.048d0b00@localhost> <4.2.0.58.19990915164546.048d0100@localhost> Date: Wed, 15 Sep 1999 20:32:19 -0600 From: Warner Losh Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org In message <4.2.0.58.19990915170025.048d0b00@localhost> Brett Glass writes: : Maybe it's a religious issue, or maybe some utility depends on it. It is a religious issue AND some utility depends on it. DHCP requires it. : But it might not be a good idea to let it be on from the get-go. The DHCP client needs it. : If the machine is rooted, you've got an instant packet sniffer. If the machine is rooted, you are in big trouble anyway. Also, there are many ways that you can make a machine that doesn't have it enabled you can sniff packets from. The added security is an illusion. If you care about your network traffic disclosure, encrypt everything. : I plan to turn it off on EVERY install, and I sure wish it : were that way to start. I'm happy for you. Warner To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message