Bugtraq mailing list archives
Re: snooper watchers
From: bent () snm com (Ben Taylor)
Date: Wed, 22 Feb 1995 17:37:20 -0500 (EST)
On Wed, 22 Feb 1995, Mark Graff wrote:
Internally, we've been looking into a couple of possibilities. I don't know whether a decision has been made as to what to do; I do know that it's a harder problem to solve than it might appear, because of differences in the kernel/driver interface.
That is apparent. The fact that snoop doesn't trip the promiscious mode for ifconfig is what bothered me. A preliminary truss of snoop showed it opening /dev/udp. The problem I'm also running into is that lsof does not appear to work under 2.4, as some internal file structures have changed. Someone has suggested doing some filtering on lsof output, as a way of keeping an eye out.
There is a fellow outside of Sun who has done some good work on this and I will contact him to see if he is in a position to discuss it or share it.
That would greatly appreciated.
-mg-
Ben Taylor --- Chief Information Officer --- Smoke N' Mirrors, Inc.
-=-=-=-=-=-=-=- Services for Systems Integration -=-=-=-=-=-=-=-=-
bent () snm com "Where the impossible jobs get done!" (703) 318-1440
580 Herndon Pkwy, Suite 300, Herndon VA, 22070
Current thread:
- Re: snooper watchers Mark Graff (Feb 22)
- Re: snooper watchers Casper Dik (Feb 22)
- Re: snooper watchers Ben Taylor (Feb 22)
- Re: snooper watchers Casper Dik (Feb 23)
- Re: lsof on Solaris 2.4 (was snooper watchers ) Dave Goldberg (Feb 23)
- <Possible follow-ups>
- Re: snooper watchers John Adams (Feb 23)
- Re: snooper watchers Julian Assange (Feb 23)
- Re: snooper watchers Karl Strickland (Feb 28)
- Re: snooper watchers Julian Assange (Feb 28)
- Re: snooper watchers Julian Assange (Feb 23)
- Re: snooper watchers Ben Taylor (Feb 24)
- Re: snooper watchers Charles Stephens (Feb 23)
- Re: snooper watchers mascarkp () cc3 adams edu (Feb 24)
- Re: snooper watchers Eiji Hirai (Feb 24)