From owner-freebsd-security  Tue Feb  2 20:58:40 1999
Return-Path: <owner-freebsd-security@FreeBSD.ORG>
Received: (from majordom@localhost)
          by hub.freebsd.org (8.8.8/8.8.8) id UAA17355
          for freebsd-security-outgoing; Tue, 2 Feb 1999 20:58:40 -0800 (PST)
          (envelope-from owner-freebsd-security@FreeBSD.ORG)
Received: from zippy.cdrom.com (zippy.cdrom.com [204.216.27.228])
          by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id UAA17348;
          Tue, 2 Feb 1999 20:58:38 -0800 (PST)
          (envelope-from jkh@zippy.cdrom.com)
Received: from zippy.cdrom.com (localhost [127.0.0.1])
	by zippy.cdrom.com (8.9.2/8.9.2) with ESMTP id UAA10093;
	Tue, 2 Feb 1999 20:59:04 -0800 (PST)
	(envelope-from jkh@zippy.cdrom.com)
To: Garrett Wollman <wollman@khavrinen.lcs.mit.edu>
cc: Matthew Dillon <dillon@apollo.backplane.com>,
        "Jonathan M. Bresler" <jmb@FreeBSD.ORG>,
        woodford@cc181716-a.hwrd1.md.home.com, security@FreeBSD.ORG
Subject: Re: tcpdump 
In-reply-to: Your message of "Tue, 02 Feb 1999 23:46:47 EST."
             <199902030446.XAA23158@khavrinen.lcs.mit.edu> 
Date: Tue, 02 Feb 1999 20:59:04 -0800
Message-ID: <10089.918017944@zippy.cdrom.com>
From: "Jordan K. Hubbard" <jkh@zippy.cdrom.com>
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org

> It still appears to be beyond the pale of the script kiddies to
> rewrite an Ethernet driver in order to enable it to hand off packets
> to BPF.  Hopefully it will stay that way for a little while longer.

Ummmm.  Let me just note for the record that the skill of the script
kiddies is essentially irrelevant here since their defining attribute
is to use scripts that others have written.  All it will take is one
semi-intelligent cracker type to write a exploit and associated LKD
module, then the rest will just run it blindly or whenever they've
gained root by other means.

- Jordan

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message