From owner-freebsd-security  Tue Feb  2 22:27:28 1999
Return-Path: <owner-freebsd-security@FreeBSD.ORG>
Received: (from majordom@localhost)
          by hub.freebsd.org (8.8.8/8.8.8) id WAA03172
          for freebsd-security-outgoing; Tue, 2 Feb 1999 22:27:28 -0800 (PST)
          (envelope-from owner-freebsd-security@FreeBSD.ORG)
Received: from echonyc.com (echonyc.com [198.67.15.2])
          by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id WAA03161
          for <security@FreeBSD.ORG>; Tue, 2 Feb 1999 22:27:25 -0800 (PST)
          (envelope-from benedict@echonyc.com)
Received: from localhost by echonyc.com (8.9.1/8.9.1) with ESMTP id BAA22764;
	Wed, 3 Feb 1999 01:27:12 -0500 (EST)
Date: Wed, 3 Feb 1999 01:27:12 -0500 (EST)
From: Snob Art Genre <benedict@echonyc.com>
Reply-To: ben@rosengart.com
To: "Jordan K. Hubbard" <jkh@zippy.cdrom.com>
cc: security@FreeBSD.ORG
Subject: Re: tcpdump 
In-Reply-To: <9575.918011566@zippy.cdrom.com>
Message-ID: <Pine.GSO.4.05.9902030124140.22459-100000@echonyc.com>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org

On Tue, 2 Feb 1999, Jordan K. Hubbard wrote:

> OK, time to raise this topic again.  What to people think about
> enabling bpfilter by default in GENERIC?

I like it better the way it is; I think enabling bpfilter by default is
too friendly to crackers.  I also like Matt's idea of not allowing
open()s on the bpf device when the securelevel is greater than 0.

Sniffing the network is definitely not something everyone needs to do,
and setting it up is not so difficult anyway.


 Ben

"You have your mind on computers, it seems." 


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message