From owner-freebsd-questions  Fri Sep  4 17:25:52 1998
Return-Path: <owner-freebsd-questions@FreeBSD.ORG>
Received: (from majordom@localhost)
          by hub.freebsd.org (8.8.8/8.8.8) id RAA04575
          for freebsd-questions-outgoing; Fri, 4 Sep 1998 17:25:52 -0700 (PDT)
          (envelope-from owner-freebsd-questions@FreeBSD.ORG)
Received: from whitestar.cpn.org.au (ppp03.dpac.tas.gov.au [147.109.155.72])
          by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id RAA04570
          for <freebsd-questions@FreeBSD.ORG>; Fri, 4 Sep 1998 17:25:48 -0700 (PDT)
          (envelope-from cpn@dpac.tas.gov.au)
Received: from whitestar.cpn.org.au (whitestar.cpn.org.au [172.16.1.4])
	by whitestar.cpn.org.au (8.8.8/8.8.7) with SMTP id KAA10382;
	Sat, 5 Sep 1998 10:23:19 +1000 (EST)
	(envelope-from cpn@dpac.tas.gov.au)
Date: Sat, 5 Sep 1998 10:23:19 +1000 (EST)
From: Carey Nairn <cpn@dpac.tas.gov.au>
X-Sender: cpn@whitestar.cpn.org.au
To: "Paul T. Root" <proot@horton.iaces.com>
cc: adam@iexposure.com, freebsd-questions@FreeBSD.ORG
Subject: Re: bpfilter
In-Reply-To: <199809041554.KAA28632@horton.iaces.com>
Message-ID: <Pine.BSF.3.96.980905102228.10377A-100000@whitestar.cpn.org.au>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: owner-freebsd-questions@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.ORG

On Fri, 4 Sep 1998, Paul T. Root wrote:

> In a previous message, Adam Maloney said:
> > Hello,
> > 
> > I have a FreeBSD machine setup as a secondary DNS and sendmail fallback for
> > my network.  I'd also like to use the machine as a network monitor.  I
> > downloaded a package (trafshow-2.0) which requires the berkely packet filter
> > to be enabled.
> > 
> > In the FreeBSD handbook, there's a paragraph that talks about the bpfilter
> > and how it can be a security risk to your network.  What are the security
> > risks of running bpfilter, and how should I set it up?
> 
> 
> It's a security risk because a person on that machine can snoop every
> packet that goes across the network. And passwords go across in clear
> text.
> 
> To setup bpfilter put:
> 
> options	bpfilter 4

That should be 

pseudo-device 	bpfilter 4


> 
> in your kernel config and re-build.
> 
> -- 
> "Overconfidence may cost the Dodgers sixth place." -- Sportswriter Ed
> Murphy, on the hapless Brooklyn team of the 1930s.
> 
> To Unsubscribe: send mail to majordomo@FreeBSD.org
> with "unsubscribe freebsd-questions" in the body of the message
> 


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message