Subject: Re: ascii dump for tcpdump (was Re: truss-like command for netbsd)
To: Wolfgang Rupprecht <wolfgang@wsrcc.com>
From: Jason Thorpe <thorpej@nas.nasa.gov>
List: current-users
Date: 10/12/1998 11:46:52
On 12 Oct 1998 11:12:45 -0700 
 Wolfgang Rupprecht <wolfgang@wsrcc.com> wrote:

 > One other point to consider is that it's been a *long* time since
 > tcpdump first came out.  Back in the early days of tcpdump it wasn't
 > common for folks to use encrypted logins.  If someone snooped the
 > ethernet you were basically hosed.  There were no choices.  Nowadays
 > there are kerberos and ssh.

More importantly, I think LBL's excuse is rather lame, considering
that:

	(a) tcpdump is available in source form, and anyone can add
	    ASCII dumps to it fairly easily.

	(b) anyone with perms to run tcpdump can trivially write their
	    own BPF-using program to dump packets in ASCII format.

Basically, if you don't want people to sniff your wire, make it so
they can't open /dev/bpf*.  Since our tcpdump isn't setuid, what's
the problem?

Jason R. Thorpe                                       thorpej@nas.nasa.gov
NASA Ames Research Center                            Home: +1 408 866 1912
NAS: M/S 258-5                                       Work: +1 650 604 0935
Moffett Field, CA 94035                             Pager: +1 650 940 5942
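
An added example, not part of the original message: a POSIX sh audit of the two conditions the message names, who can open the BPF device nodes and whether the capture binary is setuid. The function names are hypothetical, and the device and binary paths are passed in as arguments because they vary by system.

```sh
#!/bin/sh
# Added example (not from the original post). Function names are hypothetical.

# Print who can open a node: "world", "group" or "owner".
# Read or write permission counts, since either allows open().
bpf_access_class() {
    if [ -n "$(find "$1" -prune \( -perm -004 -o -perm -002 \) 2>/dev/null)" ]; then
        echo world
    elif [ -n "$(find "$1" -prune \( -perm -040 -o -perm -020 \) 2>/dev/null)" ]; then
        echo group
    else
        echo owner
    fi
}

# Succeed if the file carries the setuid bit.
is_setuid() {
    [ -n "$(find "$1" -prune -perm -4000 2>/dev/null)" ]
}

# audit_sniff_access TOOL NODE...
# Returns 0 when capture is gated by device permissions, 1 otherwise.
audit_sniff_access() {
    tool=$1; shift
    rc=0
    for node in "$@"; do
        [ -e "$node" ] || continue      # unmatched glob or missing node
        case $(bpf_access_class "$node") in
            world) echo "FAIL  $node: openable by any local user"; rc=1 ;;
            group) echo "NOTE  $node: openable by its group; review membership" ;;
            owner) echo "OK    $node: owner only" ;;
        esac
    done
    # A setuid capture binary opens the device with its owner's identity,
    # so the node permissions stop being the control.
    if [ -n "$tool" ] && is_setuid "$tool"; then
        echo "FAIL  $tool: setuid, device permissions no longer gate capture"
        rc=1
    fi
    return "$rc"
}

# Typical call (paths are assumptions for a BSD-style system):
#   audit_sniff_access "$(command -v tcpdump)" /dev/bpf*
```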