Date: Wed, 11 Dec 1996 17:30:20 -0500 (EST) From: Brian Tao <taob@io.org> To: Nate Williams <nate@mt.sri.com> Cc: FREEBSD-SECURITY-L <freebsd-security@freebsd.org> Subject: Re: Risk of having bpf0? (was URGENT: Packet sniffer found on my system) Message-ID: <Pine.BSF.3.95.961211172853.9494e-100000@nap.io.org> In-Reply-To: <199612111835.LAA13289@rocky.mt.sri.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Wed, 11 Dec 1996, Nate Williams wrote: > > I would *certainly* disable BPF on a public server. You can always use > another box to look at packets that isn't publically available. The servers here are all on switched ports, so I can't monitor all packets on the LAN. I suppose that was one saving grace which prevented the attacker from doing more damage than he did. I think the best thing to do is disable bpf, and set up a management station on the router segment to watch the packets. -- Brian Tao (BT300, taob@io.org, taob@ican.net) Senior Systems and Network Administrator, Internet Canada Corp. "Though this be madness, yet there is method in't"
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.3.95.961211172853.9494e-100000>