Date: Wed, 30 Jun 1999 21:02:36 +0930 (CST) From: Kris Kennaway <kkennawa@physics.adelaide.edu.au> To: "Matthew N. Dodd" <winter@jurai.net> Cc: Julian Elischer <julian@whistle.com>, Bob Bishop <rb@gid.co.uk>, Peter Jeremy <jeremyp@gsmx07.alcatel.com.au>, hackers@freebsd.org Subject: Re: tcpdump(1) additions. Message-ID: <Pine.OSF.4.10.9906302058290.26171-100000@bragg> In-Reply-To: <Pine.BSF.4.10.9906300342250.1763-100000@sasami.jurai.net>
next in thread | previous in thread | raw e-mail | index | archive | help
On Wed, 30 Jun 1999, Matthew N. Dodd wrote:
> > It would make sense except that the last time someone tried, some people
> > complained that it made it too easy to sniff passwords etc.
>
> Thats such a bogus issue.
The argument (to me) is not one of capability, but expediency. If you're
running a tcpdump which includes telnet traffic and someone logs in, their
password goes floating past in front of your eyes (and anyone else who is
watching). Most of us can't read hex-encoded ascii strings, so the passswords
aren't apparent to the (witting or unwitting) casual observer.
But on the other hand it would certainly have its uses, so including this with
the default being the current hex dump seems fine to me.
Kris
-----
"Never criticize anybody until you have walked a mile in their shoes,
because by that time you will be a mile away and have their shoes."
-- Unknown
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-hackers" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.OSF.4.10.9906302058290.26171-100000>