[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: netstat ?

[Please reply only to the list, as per the CoC.]

On Wed, 24 Feb 2010 14:56:48 -0500
Jordan Metzmeier <titan8990@gmail.com> wrote:

> On Wed, Feb 24, 2010 at 2:26 PM, Celejar <celejar@gmail.com> wrote:


> > In Debian, Wireshark should probably never be run as root, even when
> > capturing packets.  See the README.Debian:


> I am familiar with the wireshark group from usage on non-Debian
> systems. IIRC on gentoo I had to build wireshark with particular USE
> flags so that non-root users in the wireshark group could capture
> (could be mistaken here).
> I have a feeling that is not the wireshark version from stable that
> you are displaying the README.Debian from.

Correct.  I'm running Sid.

> Last up we have the wireshark group. This was not created by wireshark
> installation. `dpkg-reconfigure wireshark-common` does not provide an
> option separate installation methods.
> I am afraid these features and documentation you are referring to are
> not present in Debian stable.

Quite possibly.  In any event, running wireshark as root is quite
dangerous, IIRC, as the program has a scary history of badly written
dissectors that can be manipulated by malicious packets, and I believe
that at least some of the exploits have allowed arbitrary code
execution.  You do *not* want that happening as root.

foffl.sourceforge.net - Feeds OFFLine, an offline RSS/Atom aggregator
mailmin.sourceforge.net - remote access via secure (OpenPGP) email
ssuds.sourceforge.net - A Simple Sudoku Solver and Generator

Reply to: