[clug] Securing EtherApe with setcap
Bryan Kilgallin (PC)
bryan at netspeed.com.au
Wed Oct 12 03:39:57 UTC 2016
Thanks for the explanations, Bob:
> Essentially, the kernel deals with the lower-levels of the network
> protocol stack and only delivers the data part of a packet from the
> transport layer (UDP, TCP or other) to an application (user-space
> program).
The EtherApe Capture menu lists Mode. Which can be Link Layer, IP or TCP.
> As the transport layer is responsible for determining what "port" a
> packet belongs to, it keeps network traffic flowing only to the intended
> destination program.
An EtherApe legend is listing the protocols ICMPV6, IGMP, ARP, DOMAIN,
HTTPS, POP3, HTTP, UDP-UNKN.
> This is also part of the "security model" that Linux has inherited from
> BSD and similar Unices etc.
{*Berkeley Software Distribution* (*BSD*) is a Unix
<https://en.wikipedia.org/wiki/Unix> operating system
<https://en.wikipedia.org/wiki/Operating_system> derivative developed
and distributed by the Computer Systems Research Group
<https://en.wikipedia.org/wiki/Computer_Systems_Research_Group> (CSRG)
of the University of California, Berkeley
<https://en.wikipedia.org/wiki/University_of_California,_Berkeley>, from
1977 to 1995.}
I understand that Linux is merely Unix-like.
https://en.wikipedia.org/wiki/Berkeley_Software_Distribution
> The "raw" interface allows the kernel to deliver network packets from
> the data-link layer (layer 2) to user-space programs, if they wish.
I have only a hazy idea of this concept.
{From lowest to highest, the layers are the link layer
<https://en.wikipedia.org/wiki/Link_layer>, containing communication
methods for data that remains within a single network segment (link);
the internet layer <https://en.wikipedia.org/wiki/Internet_layer>,
connecting independent networks, thus providing internetworking
<https://en.wikipedia.org/wiki/Internetworking>; the transport layer
<https://en.wikipedia.org/wiki/Transport_layer> handling host-to-host
communication; and the application layer
<https://en.wikipedia.org/wiki/Application_layer>, which provides
process-to-process data exchange for applications.}
https://en.wikipedia.org/wiki/Internet_protocol_suite
Regards,
Bryan.
--
www.netspeed.com.au/bryan/
==========================
More information about the linux
mailing list