-----BEGIN PGP SIGNED MESSAGE-----
This thread was posted to the Linux-kernel mailing list and the response
back was that dramatic changes happened for the 2.2 kernels. has anyone
looked at this on the new kernels?
David Lang
On Thu, 18 Feb 1999, Tim Doscher wrote:
> Date: Thu, 18 Feb 1999 07:37:23 -0800
> From: Tim Doscher <[EMAIL PROTECTED]>
> To: 'Marcus J. Ranum' <[EMAIL PROTECTED]>, 'Steven Choi' <[EMAIL PROTECTED]>,
[EMAIL PROTECTED], [EMAIL PROTECTED]
> Subject: RE: NAI Security Advisory: Vulnerability in NFR 2.0.2-Research
>
> After following a similiar discussion with Mr. Ranum (From my brother) about
> the problems with Linux and NFR, Mr. Ranum responded quite promptly (and
> very knowledgeably) as to the problems associated wit the stack and packet
> capture capabilities. He reccomended using a BSD variant, we are currently
> experimenting with freeBSD 2.2.7 (release I think?). I have not had ANY of
> the problems that came up with Linux (RH 5,5.1,5.2). I believe that
> additional work can be done with Linux to fix these issues, it is just a
> matter of making it a widespread concern. I believe this to be case, after
> seeing a libretto laptop (133mhz) do real time packet capture and
> translation at a very rapid pace without missing a frame. This was
> accomplished only after enormous tweeking of the stack (according the person
> using it). I would like to thank Mr.Ranum for all of his help, and
> reccomend seeing him at the blackhat conference this year if you have a
> chance. I believe you will be impressed as to the level of knowledge and
> assistance Mr. Ranum and NFR can provide.....
> *I better get off my soapboz before I fall :-) *
> Tim Doscher
>
> -----Original Message-----
> From: [EMAIL PROTECTED]
> [mailto:[EMAIL PROTECTED]]On Behalf Of Marcus J. Ranum
> Sent: Thursday, February 18, 1999 6:18 AM
> To: Steven Choi; [EMAIL PROTECTED]; [EMAIL PROTECTED]
> Subject: Re: NAI Security Advisory: Vulnerability in NFR 2.0.2-Research
>
>
> >I am getting frustrated.
>
> Me too! We've posted about 15 messages to this list about
> how mediocre Linux' packet capture routines are. We've put
> stuff in the documentation, and we've done everything except
> deliberately _force_ our software not to be able to build
> on Linux. Why? Because there are always people who try it
> and then post:
>
> >I have installed NFR on Linux and it appears to keep missing packets
> >even on my low bandwidth network.
>
> We're sorry it doesn't work well but it's Linux' problem,
> not ours. :( Linux is a fine operating system, yaddayaddayadda
> but its packet capture code is pathetic. Read it and weep.
>
> >My issue is whether to consider NFR a mission critical tool
>
> Linux isn't a "mission critical" operating system, is the problem.
> That's why we've gone out on a limb and risked pissing off the
> faceless hordes of Linux fanatics by telling them that their
> favorite O/S can't run with the big dogs. Try one of the BSD
> derivatives, read the release notes, and you'll have less
> problems.
>
> On the other topic, Mudge's filters are a bit buggy (the
> current versions) and he's in the process of furiously
> writing N-code as we speak.
>
> mjr.
> --
> Marcus J. Ranum, CEO, Network Flight Recorder, Inc.
> work - http://www.nfr.net
> home - http://www.clark.net/pub/mjr
> -
> [To unsubscribe, send mail to [EMAIL PROTECTED] with
> "unsubscribe firewalls" in the body of the message.]
>
> -
> [To unsubscribe, send mail to [EMAIL PROTECTED] with
> "unsubscribe firewalls" in the body of the message.]
>
"If users are made to understand that the system administrator's job is to
make computers run, and not to make them happy, they can, in fact, be made
happy most of the time. If users are allowed to believe that the system
administrator's job is to make them happy, they can, in fact, never be made
happy."
- -Paul Evans (as quoted by Barb Dijker in "Managing Support Staff", LISA '97)
-----BEGIN PGP SIGNATURE-----
Version: PGP for Personal Privacy 5.0
Charset: noconv
iQEVAwUBNsx+bT7msCGEppcbAQGErwgAvz1JHTEkqvllw6lZbUZymEkTx8I7CAh9
sZJUEyqjBag33QtWqF9k+vu1VvZynq6xX7jKamth7X/XrIk0aLTGTkN2mmT42MCY
3/FZO9fNcE4Im+o8lGpJWo6D/VvEQOVQUdjqxWn59ScVqFp04WxT+w1ywhlhb0eM
vzB/KVX3Vfld5L1lYPEkrRQzNq5ZoH+M6tEhXevjBi4e9xvmNUjcafWi3diCWM5Y
MJHYc3EBwojkbOgOws5yC6W96zAvLOyha/0H1UaZYlYBTOYsNXuymCetW27gyZfS
2ULFPJY3EYK+F655nSmfClQAYuWeUJYYncPHiZazPjfKKLnfGotabw==
=6Pmb
-----END PGP SIGNATURE-----
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
