[tcpdump-workers] Automatic report from sources (tcpdump libpcap htdocs) between 22.06.2004 - 23.06.2004 GMT

2004-06-23 Thread Automatic cvs log generator /tcpdump/bin/makelog
CVS log entries from 22.06.2004 (Tue) 09:06:51 - 23.06.2004 (Wed) 09:06:19 GMT = Summary by authors = Author: guy File: htdocs/index.html; Revisions: 1.50 Author: hannes File: tc

Re: [tcpdump-workers] Web page needs updating

2004-06-23 Thread Claudio Lavecchia
Is the forum still working? I tried to post earlier today and nothing happened. No posting in the mailing list archive, no reply, just nothing. Now I see that the last mail posted in the forum seems to contain a virus. Did that harm the mailing list server or something? C -Original Message--

[tcpdump-workers] Ethernet type in wrong byte order

2004-06-23 Thread Claudio Lavecchia
Title: Message  Hello,I am using libpcap to build a sniffer.I define an ethernet header as follows :/* Ethernet header */  struct sniff_ethernet {    u_char  ether_dhost[ETHER_ADDR_LEN];    // Destination host address     u_char  ether_shost[ETHER_ADDR_LEN];    // Source host addre

Re: [tcpdump-workers] Ethernet type in wrong byte order

2004-06-23 Thread Jefferson Ogata
Claudio Lavecchia wrote: /* Ethernet header */ struct sniff_ethernet { u_char ether_dhost[ETHER_ADDR_LEN];// Destination host address u_char ether_shost[ETHER_ADDR_LEN];// Source host address u_short ether_type; // IP? ARP? RARP? etc }; If I r

[tcpdump-workers] pcap_open_live error

2004-06-23 Thread Bowser Jason S Contr AFRL/IFTA
Title: Message Hey guys, i posted this problem yesterday and have a few more questions   The original problem is this   I am writing a program on an IRIX 6.5 machine that uses the libpcap to grab packets.  That usually works fine. However i have now decided that this program needs to have m

[tcpdump-workers] [PATCH] Drop unneeded capabilities

2004-06-23 Thread Matt Beaumont
I've written a little patch to drop all but the CAP_NET_ADMIN and CAP_NET_RAW capabilities immediately if tcpdump is running with root privileges. The idea is to limit the damage done by an exploit against tcpdump. Some of the inspiration for this patch came from here:

[tcpdump-workers] text format stability

2004-06-23 Thread Eddie Kohler
Hi all, I've noticed, painfully, that recent minor releases of tcpdump have changed the longstanding format for "tcpdump -v" text output. This isn't an inherently bad idea, but there are a lot of scripts in the world that parse tcpdump text output, and that are broken by arbitrary format chang

Re: [tcpdump-workers] [PATCH] Drop unneeded capabilities

2004-06-23 Thread Pekka Savola
On Wed, 23 Jun 2004, Matt Beaumont wrote: > I've written a little patch to drop all but the CAP_NET_ADMIN and > CAP_NET_RAW capabilities immediately if tcpdump is running with root > privileges. The idea is to limit the damage done by an exploit > against tcpdump. > > Some of the inspiration for