Date: Mon, 31 Jan 2000 15:22:39 -0600
From: nathan <beemern@ksu.edu>
To: "freebsd-questions@FreeBSD.ORG" <freebsd-questions@FreeBSD.ORG>
Subject: berkeley packet filter doesn't work??
Message-ID: <3895FD1F.D204FF6E@ksu.edu>

I am trying to do some scanning of our office LAN to look for potential
security breaches (e.g. plaintext user/pass combinations thru SAMBA, POP
auth, etc) and for inappropriate web browsing (e.g. porn, hate sites, etc)

however... when i run tcpdump, ethereal, readsmb, etc. --> all i see are
the packets that have the host/destination address of my computer (the
one i'm running these apps on)

i have the appropriate line in my kernel config for the Berkeley Packet
Filter

    pseudo-device bpfilter 4

and i did the ol

    sh MAKEDEV bpf0

plus.. if bpf isn't config'd properly, those apps won't even RUN

all i'm wanting to do is scan the traffic of the approximate 20 machines
that we have connected through a 100 mbit/s 3com switch

my questions-->

1) am i incorrect in my understanding of bpf??

2) if so, what in the hell good is berkeley packet filter if i can't see
   any other packets 'sides those coming to/from my computer explicitly??

3) how can i correct this so i can see ALL (or at least MORE) of the LAN
   traffic??

TIA!!

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message