That depends on how you're gonna use it. I wouldn't open up a machine running ntop to the whole wide world, but mine is accessible from one other station only. That station is mine and is behind a firewall. Ntop can be a very valuable tool and gives lots of neatly formatted info. Compare it to searching with tcpdump / ethereal on a 350+ router network and you'll notice the difference.
If I would stop using every program that ever had an exploit from my list, I would end up still using c64 basic. Therefore "You don't want to use ntop" seems a bit brutal to me. Serge. p.s. Don't know which exploit it was, but I remember there was one fixed in the 2.0.99 release. -----Original Message----- From: rik [mailto:[EMAIL PROTECTED] Sent: dinsdag 11 juni 2002 17:35 To: [email protected] Subject: [rrd-users] Re: www.ntop.org Steve Godfrey wrote: > I've found some NTOP RPM's but they're only a couple of meg You don't want to use ntop. [EMAIL PROTECTED]:/usr/ports/net/ntop% make install :) ===> ntop-2.0_2 is forbidden: Remote exploit published and no official patch available. FreeBSD ports include good reasons when a port is denied. FYI, the exploit allows the ættacker to get a shell running as the user running ntop, on the system. If you tell use what are you trying to do, maybe we can suggest some alternatives. rik -- -- Unsubscribe mailto:[EMAIL PROTECTED] Help mailto:[EMAIL PROTECTED] Archive http://www.ee.ethz.ch/~slist/rrd-users WebAdmin http://www.ee.ethz.ch/~slist/lsg2.cgi -- Unsubscribe mailto:[EMAIL PROTECTED] Help mailto:[EMAIL PROTECTED] Archive http://www.ee.ethz.ch/~slist/rrd-users WebAdmin http://www.ee.ethz.ch/~slist/lsg2.cgi
