Date: Fri, 4 Sep 1998 10:54:08 -0500 (CDT) From: "Paul T. Root" <proot@horton.iaces.com> To: adam@iexposure.com Cc: freebsd-questions@FreeBSD.ORG Subject: Re: bpfilter Message-ID: <199809041554.KAA28632@horton.iaces.com> In-Reply-To: <007c01bdd814$b0566740$091962d1@kilroy.ns.intexp.com> from Adam Maloney at "Sep 4, 98 09:59:59 am"
next in thread | previous in thread | raw e-mail | index | archive | help
In a previous message, Adam Maloney said: > Hello, > > I have a FreeBSD machine setup as a secondary DNS and sendmail fallback for > my network. I'd also like to use the machine as a network monitor. I > downloaded a package (trafshow-2.0) which requires the berkely packet filter > to be enabled. > > In the FreeBSD handbook, there's a paragraph that talks about the bpfilter > and how it can be a security risk to your network. What are the security > risks of running bpfilter, and how should I set it up? It's a security risk because a person on that machine can snoop every packet that goes across the network. And passwords go across in clear text. To setup bpfilter put: options bpfilter 4 in your kernel config and re-build. -- "Overconfidence may cost the Dodgers sixth place." -- Sportswriter Ed Murphy, on the hapless Brooklyn team of the 1930s. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199809041554.KAA28632>