[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [suse-security] unix named socket



* Francisco Acosta wrote on Wed, Jul 16, 2003 at 09:42 -0400:
> How can I trace passively, communications through unix named
> socket, in the same way that ethereal or tcpdump do it for
> TCP/UDP?.

There is some hackertool that allows root to monitor
filedesciptors of a process. IIRC it e.g. allows to "sniff"
(locally) a SSH session for instance. The technique used by this
tool should work for the process that communicates via that FIFO.

Unfortunality, I forgot the name of this tool.

oki,

Steffen

-- 
Dieses Schreiben wurde maschinell erstellt,
es trägt daher weder Unterschrift noch Siegel.

--
Check the headers for your unsubscription address
For additional commands, e-mail: suse-security-help@xxxxxxxx
Security-related bug reports go to security@xxxxxxx, not here