[ILUG] TCPDUMP
Niall O Broin
niall at magicgoeshere.com
Fri Sep 22 12:01:36 IST 2000
On Fri, Sep 22, 2000 at 10:24:07AM +0100, Brian Cullen wrote:
> I would however recommend removing tcpdump from your linux box if you are
> concerned about security as it is very powerful.
What do you mean exactly, Brian ? Tcpdump (and similar programs) of course
allows its user to see anything passing by on a net (which is why nothing
confidential should go on any net unenecrypted). Tcpdump can only be run by
root, so if you can't trust yourself . . . .
Interesting thought - tcpdump is on the BBC - access to a workstation, 5
minutes, and you're viewing everything on a company's LAN :-). I'm not
familiar with what's out there but I'm sure there are tcpdump type programs
available for Windows also. Thankfully for corporate security, this becomes
much less of an issue (none at all ?) on a switched LAN.
Regards,
Niall
More information about the ILUG
mailing list