Date: Wed, 3 Feb 1999 15:37:34 +1100 From: Peter Jeremy <peter.jeremy@auss2.alcatel.com.au> To: jkh@zippy.cdrom.com Cc: security@FreeBSD.ORG Subject: Re: tcpdump Message-ID: <99Feb3.152750est.40350@border.alcanet.com.au>
next in thread | raw e-mail | index | archive | help
"Jordan K. Hubbard" <jkh@zippy.cdrom.com> wrote: >OK, time to raise this topic again. What to people think about >enabling bpfilter by default in GENERIC? I personally think it would be a good idea. AFAIK, bpfilter is needed for: a) network debugging (eg using tcpdump) b) network monitoring (eg using ethereal) c) DHCP client My understanding is that FreeBSD is trying to reach the point where a `typical' user without any wierd peripherals never needs to compile a kernel - GENERIC combined with the boot-time configuration editor is sufficient to customise the kernel. I think it's a bit anomolous that tcpdump is part of the base system, but the system needs to be re-configured to use it. I don't believe there are any other utilities in this class. This is also a tool that a user is likely to be asked to use if he asks a tricky network- related question. Similarly, I believe that the use of DHCP is going to increase (with things like cable-modems becoming more common). It's worthwhile noting that there was recently a posting on ISC's dhcp-client mailing list which noted that FreeBSD's default configuration generates regular mail from FreeBSD people having problems with dhcpd (because there's no bpfilter by default). Peter To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?99Feb3.152750est.40350>