On Thu, Mar 07, 2002 at 09:53:40AM -0500, Michael Sharp wrote:
> If I disable; pseudo-device bpf
>
> in the kernel, this will prevent my Ethernet Device from going into
> Promiscious mode, thus preventing a sniffer from running on my machine
> correct? But wont it also kill ipfw functionality?

It will not really prevent your Ethernet device from going into promisc
mode; all it will do is, it will disable one of the ways userland
programs may snoop on (or sniff) packets going through any of your
system's network interfaces (not just Ethernet). A Netgraph node or a
specially-crafted kernel module could still intercept packets, but yes,
disabling the Berkeley packet filter would indeed make it more difficult
for the average script kiddie out there.

And no, it will not affect ipfw functionality in any way.

G'luck,
Peter

-- 
Peter Pentchev	roamringlet.net	roamFreeBSD.org
PGP key:	http://people.FreeBSD.org/~roam/roam.key.asc
Key fingerprint	FDBA FD79 C26F 3C51 C95E  DF9E ED18 B68D 1619 4553
because I didn't think of a good beginning of it.

-----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.6 (FreeBSD) Comment: For info see http://www.gnupg.org

iEYEARECAAYFAjyHf+EACgkQ7Ri2jRYZRVP8ggCfUk4O/5uiL+Q5KeR5AOTl6RV+ MEoAnAx2sTaizqYE6Nbu66/F7LOE/5Up =H2bc -----END PGP SIGNATURE-----

To Unsubscribe: send mail to majordomoFreeBSD.org with "unsubscribe freebsd-security" in the body of the message

• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]