adrian kok wrote:
Hi all
Thank you for your reply
If I install those software, does my server have
security problem?
In my memory, I read a books before.
sth will make the network card to prismous mode and
there is security problem
I am not sure about it. please teach me
Promiscuous mode is a mode supported by most network cards where the card will
pass all recieved traffic on to the network software. When not in promiscuous
mode, the card only passes on network traffic that has it's MAC address as the
destination or the broadcast MAC address.
When in promiscuous mode, it is possible for anyone logged into that machine
to monitor _all_ traffic on the network, since promiscuous mode is a hardware
mode, and can't be set for individual users.
However, it's no more dangerous than the user next to you being able to boot
their machine off a CD and put _their_ card in promiscuous mode.
Any packet monitoring software is going to have to put the card into
promiscuous mode to do its work, so tcpdump isn't any more or less dangerous
than any other.
thank you again
--- Fernando Gleiser <[EMAIL PROTECTED]>
wrote: > On Fri, 20 Jun 2003, adrian kok wrote:
Hi all
Do you know where I can get snoop to analysis the
traffic?
If you mean Solaris' snoop, take a look at
tcpdump(1). It's in the base
system. You may also look at tcpshow (in the ports,
net/tcpshow) for
decoding tcpdump's output
Fer
_______________________________________________________________________
Do You Yahoo!?
Get your free @yahoo.com.hk address at http://mail.english.yahoo.com.hk
_______________________________________________
[EMAIL PROTECTED] mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"
--
Bill Moran
Potential Technologies
http://www.potentialtech.com
_______________________________________________
[EMAIL PROTECTED] mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"
