[rrd-users] Re: www.ntop.org
Serge Maandag
serge.maandag at staff.zeelandnet.nl
Tue Jun 11 22:35:02 MEST 2002
That depends on how you're gonna use it.
I wouldn't open up a machine running ntop to the whole wide world, but
mine is accessible from one other station only. That station is mine and
is behind a firewall. Ntop can be a very valuable tool and gives lots of
neatly formatted info. Compare it to searching with tcpdump / ethereal
on a 350+ router network and you'll notice the difference.
If I would stop using every program that ever had an exploit from my
list, I would end up still using c64 basic. Therefore "You don't want to
use ntop" seems a bit brutal to me.
Serge.
p.s. Don't know which exploit it was, but I remember there was one fixed
in the 2.0.99 release.
-----Original Message-----
From: rik [mailto:rik+rrdtool at little-black-kitty.net]
Sent: dinsdag 11 juni 2002 17:35
To: rrd-users at list.ee.ethz.ch
Subject: [rrd-users] Re: www.ntop.org
Steve Godfrey wrote:
> I've found some NTOP RPM's but they're only a couple of meg
You don't want to use ntop.
rik at bailey:/usr/ports/net/ntop% make install
:)
===> ntop-2.0_2 is forbidden: Remote exploit published and no official
patch available.
FreeBSD ports include good reasons when a port is denied.
FYI, the exploit allows the ættacker to get a shell running as the user
running ntop, on the system.
If you tell use what are you trying to do, maybe we can suggest some
alternatives.
rik
--
--
Unsubscribe mailto:rrd-users-request at list.ee.ethz.ch?subject=unsubscribe
Help mailto:rrd-users-request at list.ee.ethz.ch?subject=help
Archive http://www.ee.ethz.ch/~slist/rrd-users
WebAdmin http://www.ee.ethz.ch/~slist/lsg2.cgi
--
Unsubscribe mailto:rrd-users-request at list.ee.ethz.ch?subject=unsubscribe
Help mailto:rrd-users-request at list.ee.ethz.ch?subject=help
Archive http://www.ee.ethz.ch/~slist/rrd-users
WebAdmin http://www.ee.ethz.ch/~slist/lsg2.cgi
More information about the rrd-users
mailing list