Date: Wed, 3 Feb 1999 00:48:34 -0500 (EST)
From: Robert Watson <robert@cyrus.watson.org>
To: Michael Richards <026809r@dragon.acadiau.ca>
Cc: "Jordan K. Hubbard" <jkh@zippy.cdrom.com>, security@FreeBSD.ORG
Subject: Re: tcpdump
Message-ID: <Pine.BSF.3.96.990203004346.21838E-100000@fledge.watson.org>
In-Reply-To: <Pine.GSO.4.05.9902030015490.7728-100000@dragon>
On Wed, 3 Feb 1999, Michael Richards wrote:

> On Tue, 2 Feb 1999, Jordan K. Hubbard wrote:
>
> > OK, time to raise this topic again. What do people think about
> > enabling bpfilter by default in GENERIC?
>
> I would think that the majority of us do not use the bpfilter by default.
> My personal opinion (whether correct or not) is that it is more secure
> this way. Many kiddiez have scripts to automate tcpdumping for passwords
> and other such nasties and having to compile a bpf module and load it is
> beyond many people. (I admit I'd have to go find some instructions)

Security by obscurity in that form works only until the first
script-author writes script-kiddie-script-#20 which automates the process.
And it's not such a complicated task that some bored hacker won't write it
into tomorrow's rootkit.

Bpfilter is a useful piece of functionality required for dhcp, a service
that is increasingly popular. Even *Windows* ships with DHCP as a basic
supported service, and as such, many public networks assume DHCP as a
capability. Since Windows also tends to require DHCP servers for correct
functioning, having FreeBSD capable of serving DHCP without a kernel
recompile also sounds useful. It also makes a great debugging tool (we
leave lots of debugging tools in place in the default install).

Additionally, in the default install securelevels protect against few if
any attacks that they are designed to prevent. The kernel may have the
schg flag set, but /etc/rc doesn't out of the box. And I suspect that
arguing it should out of the box is asking for trouble when joe-new-user
can't set up rc.conf because *it* also has to be schg. I suspect still
what we need is a man 8 securelevel (or something) with a list of
guidelines, possibly based in the security -howto, etc.

I am all for securing the base system; I just suspect that not enabling
bpfilter by default does little to help without a more concerted security
context, but does prevent basic necessary functionality.

  Robert N Watson

robert@fledge.watson.org              http://www.watson.org/~robert/
PGP key fingerprint: 03 01 DD 8E 15 67 48 73  25 6D 10 FC EC 68 C1 1C

Carnegie Mellon University            http://www.cmu.edu/
TIS Labs at Network Associates, Inc.  http://www.tis.com/
SafePort Network Services             http://www.safeport.com/

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message