Difference between revisions of "Bpf"
From Hackepedia
Jump to navigationJump to search| Line 3: | Line 3: | ||
=== Sniffing & Privacy === | === Sniffing & Privacy === | ||
| − | BPF is the interface for sniffing traffic that either gets forwarded through the UNIX host or passed to it by means of a monitor on a switch or router. Since this operation is simple for an administrator or another party having access to the wire it is recommended by everyone with a clue to use [[cryptography]] in communication. | + | BPF is the interface for sniffing traffic that either gets forwarded through the UNIX host or passed to it by means of a monitor on a [[switch]] or [[router]]. Since this operation is simple for an administrator or another party having access to the wire it is recommended by everyone with a clue to use [[cryptography]] in communication. |
Latest revision as of 16:27, 3 December 2005
BPF is the Berkeley Packet Filter. It allows inspection and injection of OSI layer 2 frames. Typical implementations using BPF are pppoe, dhcpd and tcpdump. For layers 3 and above it's wise to use sockets since the code dealing with complex things such as IP fragmentation, routing, etc is already provided.
Sniffing & Privacy
BPF is the interface for sniffing traffic that either gets forwarded through the UNIX host or passed to it by means of a monitor on a switch or router. Since this operation is simple for an administrator or another party having access to the wire it is recommended by everyone with a clue to use cryptography in communication.
