Subject: Re: ascii dump for tcpdump (was Re: truss-like command for netbsd)
To: Wolfgang Rupprecht <firstname.lastname@example.org>
From: Jason Thorpe <email@example.com>
Date: 10/12/1998 11:46:52
On 12 Oct 1998 11:12:45 -0700
Wolfgang Rupprecht <firstname.lastname@example.org> wrote:
> One other point to consider is that it's been a *long* time since
> tcpdump first came out. Back in the early days of tcpdump it wasn't
> common for folks to use encrypted logins. If someone snooped the
> ethernet you were basically hosed. There were no choices. Nowadays
> there are kerberos and ssh.
More importantly, I think LBL's excuse is rather lame, considering

 (a) tcpdump is available in source form, and anyone can add
     ASCII dumps to it fairly easily.

 (b) anyone with perms to run tcpdump can trivially write their
     own BPF-using program to dump packets in ASCII format.

Basically, if you don't want people to sniff your wire, make it so
they can't open /dev/bpf*. Since our tcpdump isn't setuid, what's
Jason R. Thorpe email@example.com
NASA Ames Research Center Home: +1 408 866 1912
NAS: M/S 258-5 Work: +1 650 604 0935
Moffett Field, CA 94035 Pager: +1 650 940 5942
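
Added example, not part of the original message and not code from tcpdump or NetBSD: an audit of the point made above, that who can capture packets is decided by who can open /dev/bpf*, unless a setuid-root tcpdump lets others open it as root. The tcpdump path /usr/sbin/tcpdump, the function names and the finding labels are assumptions.

```python
import glob
import os
import stat

def node_finding(mode, uid, trusted_uid=0):
    """Classify one capture device node from its permission bits and owner."""
    if mode & stat.S_IROTH:
        return "world-readable"
    if mode & stat.S_IRGRP:
        return "group-readable"
    if uid != trusted_uid:
        return "owned-by-untrusted-uid"
    return None  # only the trusted owner can open the node

def binary_bypasses_node_perms(mode, uid):
    """A setuid-root capture tool that group/other may execute opens the
    device as root, so the node permissions no longer limit who can sniff."""
    setuid_root = bool(mode & stat.S_ISUID) and uid == 0
    others_can_run = bool(mode & (stat.S_IXGRP | stat.S_IXOTH))
    return setuid_root and others_can_run

def audit(device_glob="/dev/bpf*", tcpdump_path="/usr/sbin/tcpdump", trusted_uid=0):
    """Return (path, finding) pairs; an empty list means only the trusted
    owner can open the capture devices. tcpdump_path is an assumed location."""
    findings = []
    for path in sorted(glob.glob(device_glob)):
        st = os.stat(path)
        result = node_finding(stat.S_IMODE(st.st_mode), st.st_uid, trusted_uid)
        if result:
            findings.append((path, result))
    if os.path.exists(tcpdump_path):
        st = os.stat(tcpdump_path)
        if binary_bypasses_node_perms(st.st_mode, st.st_uid):
            findings.append((tcpdump_path, "setuid-root"))
    return findings

if __name__ == "__main__":
    for path, finding in audit():
        print(f"{path}: {finding}")
```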