Bpf: Difference between revisions
From Hackepedia
Jump to navigationJump to search
No edit summary |
No edit summary |
||
| Line 1: | Line 1: | ||
BPF is the Berkeley Packet Filter. It allows inspection and injection of [[OSI]] layer 2 frames. Typical implementations using BPF are [[pppoe]], [[dhcpd]] and [[tcpdump]]. For layers 3 and above it's wise to use [[socket]]s since the code dealing with complex things such as [[IP]] fragmentation, [[routing]], etc is already provided. | BPF is the Berkeley Packet Filter. It allows inspection and injection of [[OSI]] layer 2 frames. Typical implementations using BPF are [[pppoe]], [[dhcpd]] and [[tcpdump]]. For layers 3 and above it's wise to use [[socket]]s since the code dealing with complex things such as [[IP]] fragmentation, [[routing]], etc is already provided. | ||
=== Sniffing & Privacy === | |||
BPF is the interface for sniffing traffic that either gets forwarded through the UNIX host or passed to it by means of a monitor on a switch or router. Since this operation is simple for an administrator or another party having access to the wire it is recommended by everyone with a clue to use [[cryptography]] in communication. | |||
Revision as of 13:56, 8 October 2005
BPF is the Berkeley Packet Filter. It allows inspection and injection of OSI layer 2 frames. Typical implementations using BPF are pppoe, dhcpd and tcpdump. For layers 3 and above it's wise to use sockets since the code dealing with complex things such as IP fragmentation, routing, etc is already provided.
Sniffing & Privacy
BPF is the interface for sniffing traffic that either gets forwarded through the UNIX host or passed to it by means of a monitor on a switch or router. Since this operation is simple for an administrator or another party having access to the wire it is recommended by everyone with a clue to use cryptography in communication.
