hello,
As the administrator I quite often wish to sniff packets on
the net. I need to use nfswatch, tcpdump, etc
The problem is when I enable copyall, and promiscuous mode it is
enabled for every one, not just root.
I have removed write access for others from the contents of
/dev/pf/pfilt*
eg
crw-r----- 1 root system 13, 0 Nov 14 1995 pfilt0
crw-r----- 1 root system 13, 1 Nov 14 1995 pfilt1
crw-r----- 1 root system 13, 10 Nov 14 1995 pfilt10
crw-r----- 1 root system 13, 11 Nov 14 1995 pfilt11
crw-r----- 1 root system 13, 12 Nov 14 1995 pfilt12
crw-r----- 1 root system 13, 13 Nov 14 1995 pfilt13
crw-r----- 1 root system 13, 14 Nov 14 1995 pfilt14
crw-r----- 1 root system 13, 15 Nov 14 1995 pfilt15
etc
Whats the nack? surely these is a way of allowing root only access
to packet sniffing software?
TIA
boc
--
----------------------------------------------------------------
"Where the apple reddens,|Brian O'Connor
never pry, |Unix Systems Consultant
Lest we lose our edens, |Latrobe University,Bendigo
Eve and I" |P.O. Box 199, Bendigo,
|3550 Victoria, Australia
Browning |boc_at_ironbark.bendigo.latrobe.edu.au
|work->+61 54 447524 fax->+61 54 447998
----------------------------------------------------------------
Received on Thu May 23 1996 - 11:20:31 NZST