Re: [Snort-users] non-root user cannot run snort
This is a discussion on Re: [Snort-users] non-root user cannot run snort within the Snort forums, part of the System Security and Security Related category; At 08:09 AM 1/27/2004, Robert Storey wrote: >It's funny that the Snort users manual makes ...
|
|||||||
| FAQ | Members List | Calendar | Search | Today's Posts | Mark Forums Read |
01-27-2004
|
|||
|
|||
Re: [Snort-users] non-root user cannot run snort
At 08:09 AM 1/27/2004, Robert Storey wrote:
>It's funny that the Snort users manual makes no mention of this issue. I >think I will write the authors and suggest that it be included. Quite frankly, it should be *obvious* that snort can't be directly executed by a non-root user.... if a non-root user could start snort, that user could VERY easily compromise the entire machine as a root user. Not to be rude, but anyone who runs snort really should have enough background in security to understand why non-root users can't be allowed to initiate sniffing interfaces. This is VERY basic security stuff. Along the lines of "don't make your password file world-writable". hint: if a non-root user can sniff interfaces, they can sniff them for login passwords (if non-encrypted protocols are used), engage in session hijacking, data injection, etc. It would be relatively easy to gain the privileges of other users this way. ------------------------------------------------------- The SF.Net email is sponsored by EclipseCon 2004 Premiere Conference on Open Tools Development and Integration See the breadth of Eclipse activity. February 3-5 in Anaheim, CA. http://www.eclipsecon.org/osdn _______________________________________________ Snort-users mailing list Snort-users@lists.sourceforge.net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/...fo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.p...st=snort-users 
|
Linear Mode
