After following a similiar discussion with Mr. Ranum (From my brother) about
the problems with Linux and NFR, Mr. Ranum responded quite promptly (and
very knowledgeably) as to the problems associated wit the stack and packet
capture capabilities. He reccomended using a BSD variant, we are currently
experimenting with freeBSD 2.2.7 (release I think?). I have not had ANY of
the problems that came up with Linux (RH 5,5.1,5.2). I believe that
additional work can be done with Linux to fix these issues, it is just a
matter of making it a widespread concern. I believe this to be case, after
seeing a libretto laptop (133mhz) do real time packet capture and
translation at a very rapid pace without missing a frame. This was
accomplished only after enormous tweeking of the stack (according the person
using it). I would like to thank Mr.Ranum for all of his help, and
reccomend seeing him at the blackhat conference this year if you have a
chance. I believe you will be impressed as to the level of knowledge and
assistance Mr. Ranum and NFR can provide.....
*I better get off my soapboz before I fall :-) *
Tim Doscher
-----Original Message-----
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED]]On Behalf Of Marcus J. Ranum
Sent: Thursday, February 18, 1999 6:18 AM
To: Steven Choi; [EMAIL PROTECTED]; [EMAIL PROTECTED]
Subject: Re: NAI Security Advisory: Vulnerability in NFR 2.0.2-Research
>I am getting frustrated.
Me too! We've posted about 15 messages to this list about
how mediocre Linux' packet capture routines are. We've put
stuff in the documentation, and we've done everything except
deliberately _force_ our software not to be able to build
on Linux. Why? Because there are always people who try it
and then post:
>I have installed NFR on Linux and it appears to keep missing packets
>even on my low bandwidth network.
We're sorry it doesn't work well but it's Linux' problem,
not ours. :( Linux is a fine operating system, yaddayaddayadda
but its packet capture code is pathetic. Read it and weep.
>My issue is whether to consider NFR a mission critical tool
Linux isn't a "mission critical" operating system, is the problem.
That's why we've gone out on a limb and risked pissing off the
faceless hordes of Linux fanatics by telling them that their
favorite O/S can't run with the big dogs. Try one of the BSD
derivatives, read the release notes, and you'll have less
problems.
On the other topic, Mudge's filters are a bit buggy (the
current versions) and he's in the process of furiously
writing N-code as we speak.
mjr.
--
Marcus J. Ranum, CEO, Network Flight Recorder, Inc.
work - http://www.nfr.net
home - http://www.clark.net/pub/mjr
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
