Skip site navigation (1)Skip section navigation (2)
Date:      Sat, 5 Mar 2011 14:01:48 -0500 (EST)
From:      "Michael L. Squires" <mikes@siralan.org>
To:        erikmccaskey64 <erikmccaskey64@zoho.com>
Cc:        freebsd <freebsd-questions@freebsd.org>
Subject:   Re: Is it safe to run tcpdump?
Message-ID:  <20110305135922.I39360@familysquires.net>
In-Reply-To: <12e85ece3b5.7517152619980667233.9119604654657332096@zoho.com>
References:  <12e85ece3b5.7517152619980667233.9119604654657332096@zoho.com>

Next in thread | Previous in thread | Raw E-Mail | Index | Archive | Help

On Sat, 5 Mar 2011, erikmccaskey64 wrote:

> Is it safe to always run tcpdump on the server, e.g.: like this:
>
>
> tcpdump -qn dst net 192.168.1.0/24

Depends on who's watching; running tcpdump on a network managed by someone
else might be noticed by the network admin if they're looking for NICs
being run in promsicuous mode.  This is a red flag if you're looking for
someone running a password sniffer.

Mike Squires




Want to link to this message? Use this URL: <http://docs.FreeBSD.org/cgi/mid.cgi?20110305135922.I39360>