Date: Mon, 28 Jul 1997 17:40:28 -0700 (PDT) From: Vincent Poy <vince@mail.MCESTATE.COM> To: Gary Palmer <gpalmer@FreeBSD.ORG> Cc: "Nicole H." <nicole@mediacity.com>, Robert Watson <robert+freebsd@cyrus.watson.org>, "[Mario1-]" <mario1@primenet.com>, JbHunt <johnnyu@accessus.net>, security@FreeBSD.ORG, Tomasz Dudziak <loco@onyks.wszib.poznan.pl> Subject: Re: security hole in FreeBSD Message-ID: <Pine.BSF.3.95.970728173911.3844T-100000@mail.MCESTATE.COM> In-Reply-To: <6954.870136449@orion.webspan.net>
next in thread | previous in thread | raw e-mail | index | archive | help
On Mon, 28 Jul 1997, Gary Palmer wrote: =)"Nicole H." wrote in message ID =)<Chameleon.870081818.nmh@geekgirl>: =) =) =)> Does anyone know of a good way to detect people "sniffing" on the =)> network? IE a program that will detect a machine running in =)> promiscuous mode? =) =)There is no way to detect that from outside the machine ... after all, =)its just listening to all the packets that go past. =) =)FreeBSD 2.2 and later log a message to console when an interface goes =)into promiscuous mode. It seems the interface always goes into promiscuous mode though. =)The *REAL* answer is to remove BPF from all machines, and make sure =)they stay removed. Hmmm, if BPF isn't there, how will utils like trafshow work to track people down? Cheers, Vince - vince@MCESTATE.COM - vince@GAIANET.NET ________ __ ____ Unix Networking Operations - FreeBSD-Real Unix for Free / / / / | / |[__ ] GaiaNet Corporation - M & C Estate / / / / | / | __] ] Beverly Hills, California USA 90210 / / / / / |/ / | __] ] HongKong Stars/Gravis UltraSound Mailing Lists Admin /_/_/_/_/|___/|_|[____]
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.3.95.970728173911.3844T-100000>