From owner-freebsd-security Mon Jul 28 17:54:19 1997 Return-Path: Received: (from root@localhost) by hub.freebsd.org (8.8.5/8.8.5) id RAA19087 for security-outgoing; Mon, 28 Jul 1997 17:54:19 -0700 (PDT) Received: from mail.webspan.net (root@mail.webspan.net [206.154.70.7]) by hub.freebsd.org (8.8.5/8.8.5) with ESMTP id RAA19077 for ; Mon, 28 Jul 1997 17:54:15 -0700 (PDT) Received: from orion.webspan.net (orion.webspan.net [206.154.70.5]) by mail.webspan.net (WEBSPAN/970608) with ESMTP id UAA29489; Mon, 28 Jul 1997 20:54:00 -0400 (EDT) Received: from orion.webspan.net (localhost [127.0.0.1]) by orion.webspan.net (WEBSPAN/970608) with ESMTP id UAA12857; Mon, 28 Jul 1997 20:53:59 -0400 (EDT) To: Vincent Poy cc: "Nicole H." , Robert Watson , "[Mario1-]" , JbHunt , security@FreeBSD.ORG, Tomasz Dudziak From: "Gary Palmer" Subject: Re: security hole in FreeBSD In-reply-to: Your message of "Mon, 28 Jul 1997 17:40:28 PDT." Date: Mon, 28 Jul 1997 20:53:59 -0400 Message-ID: <12855.870137639@orion.webspan.net> Sender: owner-freebsd-security@FreeBSD.ORG X-Loop: FreeBSD.org Precedence: bulk Vincent Poy wrote in message ID : > It seems the interface always goes into promiscuous mode though. Err? Not on my systems it doesn't. > Hmmm, if BPF isn't there, how will utils like trafshow work to > track people down? Track what people down? It's really a choice. You can run a secure shell server or you can run a shell server which, if hacked, becomes a real threat. I've taken certain liberties locally (bpf is still compiled in), but since the machine is right behind me (literally), and carefully watched, I'm not particularly worried right now. Gary -- Gary Palmer FreeBSD Core Team Member FreeBSD: Turning PC's into workstations. See http://www.FreeBSD.ORG/ for info