From owner-freebsd-security Wed Dec 11 00:35:34 1996 Return-Path: Received: (from root@localhost) by freefall.freebsd.org (8.8.4/8.8.4) id AAA26551 for security-outgoing; Wed, 11 Dec 1996 00:35:34 -0800 (PST) Received: from agora.rdrop.com (root@agora.rdrop.com [199.2.210.241]) by freefall.freebsd.org (8.8.4/8.8.4) with SMTP id AAA26544 for ; Wed, 11 Dec 1996 00:35:32 -0800 (PST) Received: by agora.rdrop.com (Smail3.1.29.1 #17) id m0vXk8T-0008vkC; Wed, 11 Dec 96 00:35 PST Message-Id: From: batie@agora.rdrop.com (Alan Batie) Subject: Re: Risk of having bpf0? (was URGENT: Packet sniffer found on my system) To: taob@io.org (Brian Tao) Date: Wed, 11 Dec 1996 00:35:25 -0800 (PST) Cc: freebsd-security@freebsd.org In-Reply-To: from "Brian Tao" at Dec 10, 96 09:58:09 pm X-Mailer: ELM [version 2.4 PL24 ME8a] MIME-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit Sender: owner-security@freebsd.org X-Loop: FreeBSD.org Precedence: bulk > What are people's feelings on enabling devices like bpf or snp > in the kernel on a public server? I've left it out of agora since day one (or near it) for exactly that reason... it makes it difficult to debug slip/ppp connections, but it's rare that packet monitoring is needed for them, and it's not worth the risk. -- Alan Batie ______ batie@agora.rdrop.com \ / Assimilate this! +1 503 452-0960 \ / --Worf, First Contact DE 3C 29 17 C0 49 7A 27 \/ 40 A5 3C 37 4A DA 52 B9 It is my policy to avoid purchase of any products from companies which use unrequested email advertisements or telephone solicitation.