On Sun, Nov 11, 2007 at 09:13:42PM +0530, Siju George wrote: > Both > > http://www.wireshark.org/ and http://www.wireshark.org/ > > are not found in ports. Could somebody recommend any softwarew in 4.2 > ports that has related functionality? > If you don't mind building wireshark yourself, one way you can run it with limited privileges is:
1. install wireshark from sources 2. groupadd shark 3. chgrp shark /wherever/wireshark /dev/bpf* 4. chmod g+s,o-x /wherever/wireshark 5. chmod g+rw /dev/bpf* 6. use sudo to grant access to wireshark Of course, if a bad guy _does_ get control of wireshark, he OWNS your network, but at least you're not totally rooted. Take your chances. --Barry
