Re: Packet sniffing & regular users
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Hi,
Brian Kim escreveu:
:: Hello all,
:: I'd like to give regular users the ability to sniff
:: packets (and possibly drop the NIC into promiscuous
:: mode?), without having to deal with sudo or su. How
:: could I go about doing this? And if you provide a
:: solution, what sorts of security concerns does it
:: present, aside from the obvious "anyone can see
:: anything" sort of concern?
First of all, there is the important fact of what
"anyone can see anything" is, as "s. keeling" already pointed,
the use of tcpdump and ethereal are very (and potential)
harmful.
Second, what problem exactly are you trying to solve,
sometimes in security we ask help to do something, but there
are better ways to work on that. If you could explain your
idea instead of just ask for a specific solution, perhaps
we can help you even better.
The third point is that, *maybe*, there are some
capabilities inside the kernel that could handle that, I'm
not sure but the idea/concept exists.
I don't exactly, but, if you already allow your
users to use sudo/su solutions, why are you trying to
change it and... if you are planning to use any "non
encrypted" authentication protocol over the network,
your users will have access to things like "root pass".
The mais problem I see, is that we cannot provide
a solution if we don't know exactly what is the problem.
Cheers,
- --
//////////
// Felipe Augusto van de Wiel (faw) <felipe@cathedrallabs.org>
// GUD-PR / DUG-PR || http://www.debian-pr.org
// GUD-BR / DUG-BR || http://www.debian-br.org
// Debian Project || http://www.debian.org/
//////////
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.5 (GNU/Linux)
Comment: Using GnuPG with Debian - http://enigmail.mozdev.org
iD8DBQFCJhHVCjAO0JDlykYRAl2zAJ9ExqwLf/Tvz97xE+iHioH3YJUxsQCbBMUL
gIrA4rGzQA++AmbXUz11CBM=
=qhdX
-----END PGP SIGNATURE-----
Reply to: