On 04/24/2013 10:24 AM, Surbhi Jain wrote:
> Hi all,
>
> A normal user must have the permissions to capture and view the packet
> info. till layer 5 if that belongs to his request from server. He can be
> able to save a packet, to delete a packet, to edit a packet and sent it
> back to the server.
>
> Packet contains the info for the identification of the host ( IP address +
> Port number). I think we can use the options field of TCP header to contain
> the name of the owner of the packet in encrypted form. And this owner field
> must be checked with the current logged in user before opening the packet.
> This will ensure the security.
>
> With reference to my previous post, I think we can't openly change the
> permissions of the dumpcap .
>
> I need the discussions and help to carry forward this idea or come up with
> better ideas.
The distribution I use, gentoo, sets up a "wireshark" group. Members of
the group may use promiscuous mode on network interfaces.
Check your distro's documentation.
Phil