Date: Tue, 20 Apr 1999 12:06:47 +0930 From: Greg Lehey <grog@lemis.com> To: Christopher Michaels <ChrisMic@clientlogic.com> Cc: freebsd-questions@FreeBSD.ORG Subject: Re: Sniffers and Sniffer detection [General UNIX question] Message-ID: <19990420120647.J40482@lemis.com> In-Reply-To: <6C37EE640B78D2118D2F00A0C90FCB441A6090@site2s1>; from Christopher Michaels on Mon, Apr 19, 1999 at 05:34:25PM -0400 References: <6C37EE640B78D2118D2F00A0C90FCB441A6090@site2s1>
next in thread | previous in thread | raw e-mail | index | archive | help
On Monday, 19 April 1999 at 17:34:25 -0400, Christopher Michaels wrote: >> On Sunday, April 18, 1999 4:41 AM, Greg Lehey <grog@lemis.com> wrote: >> > <snip> > >>> 2. Is it possible to install a sniffer, in a user account (with no root >>> access), and sniff the network and watch for passwords? >> >> FreeBSD won't allow you to set promiscuous mode unless you're root. >> > <snip> > > This brought up a couple questions in my mind... > > 1. If the interface is already in promiscuous mode (I realize the > implication of this), is it possible for a regular user to use a sniffer > program? No, they still need to be root. The sniffer program sets promiscuous mode, it's not a separate step. > 2. How do you take the interface out of promiscuous mode once it's > in it? Close the last bpf device. In other words, stop the sniffer(s). Greg -- When replying to this message, please copy the original recipients. For more information, see http://www.lemis.com/questions.html See complete headers for address, home page and phone numbers finger grog@lemis.com for PGP public key To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?19990420120647.J40482>