Bpf: Difference between revisions
From Hackepedia
Jump to navigationJump to search
No edit summary |
|||
| Line 3: | Line 3: | ||
=== Sniffing & Privacy === | === Sniffing & Privacy === | ||
BPF is the interface for sniffing traffic that either gets forwarded through the UNIX host or passed to it by means of a monitor on a switch or router. Since this operation is simple for an administrator or another party having access to the wire it is recommended by everyone with a clue to use [[cryptography]] in communication. | BPF is the interface for sniffing traffic that either gets forwarded through the UNIX host or passed to it by means of a monitor on a [[switch]] or [[router]]. Since this operation is simple for an administrator or another party having access to the wire it is recommended by everyone with a clue to use [[cryptography]] in communication. | ||
Latest revision as of 16:27, 3 December 2005
BPF is the Berkeley Packet Filter. It allows inspection and injection of OSI layer 2 frames. Typical implementations using BPF are pppoe, dhcpd and tcpdump. For layers 3 and above it's wise to use sockets since the code dealing with complex things such as IP fragmentation, routing, etc is already provided.
Sniffing & Privacy
BPF is the interface for sniffing traffic that either gets forwarded through the UNIX host or passed to it by means of a monitor on a switch or router. Since this operation is simple for an administrator or another party having access to the wire it is recommended by everyone with a clue to use cryptography in communication.
