Date: Wed, 3 Feb 1999 01:27:12 -0500 (EST) From: Snob Art Genre <benedict@echonyc.com> To: "Jordan K. Hubbard" <jkh@zippy.cdrom.com> Cc: security@FreeBSD.ORG Subject: Re: tcpdump Message-ID: <Pine.GSO.4.05.9902030124140.22459-100000@echonyc.com> In-Reply-To: <9575.918011566@zippy.cdrom.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Tue, 2 Feb 1999, Jordan K. Hubbard wrote: > OK, time to raise this topic again. What to people think about > enabling bpfilter by default in GENERIC? I like it better the way it is; I think enabling bpfilter by default is too friendly to crackers. I also like Matt's idea of not allowing open()s on the bpf device when the securelevel is greater than 0. Sniffing the network is definitely not something everyone needs to do, and setting it up is not so difficult anyway. Ben "You have your mind on computers, it seems." To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.GSO.4.05.9902030124140.22459-100000>