The K Desktop Environment
NextPreviousTable of Contents

 

2. Installation

2.1 How to obtain KSnuffle

KSnuffle is available via the KSnuffle home page. It is available as source; binary and source RPMs may be forthcoming for RedHat. It may also be available from the KDE server or one of the mirrors.

2.2 Requirements

KSnuffle-2.2 has been built with:

Ksnuffle it may or may not build or run properly with other versions. As noted in the caveats section, it relies on libpcap-0.4 and glib2 (aka libc6). Also, ksnuffle operates outside the defined libpcap API; I am only able to test this for Linux.

2.3 Compilation and installation

For the source version, on a system as described above, just type
% ./configure
% make
% make install
    
(the latter as root).

For the RPM version (if it exists!) (it doesn't)

% rpm -ihv ksnuffle-2.0.rpm
    

2.4 Setuid-root installation

If KSnuffle is installed as a setuid-root program, then, when run by root, it can be configured to allow other non-root users to monitor the network. If it not installed setuid-root, then only root can use it to directly sniff interfaces on the local machine. Non-root users will be limited to replaying log files, and to accessing remote sniffers.

If this facility is required, use the command chmod ug+s ksnuffle on the installed program (if the KSnuffle executable is not owned by root, then chown root.root ksnuffle will be needed first). Alternatively, run KSnuffle as root and use the control on the User Setup page.

Again, I can only verify this function on Linux.

Before installing setuid-root, please see the section in caveats for further information and warnings.

2.5 Installing a remote sniffer

Ksnuffle can be used to sniff interfaces on remote machines via a remote sniffer process. To install this:

A connection to rsnuffle is authenticated against the first entry in /etc/rsnuffle.conf which matches the caller's IP address.

Note that rsnuffle can also be used to sniff local network interfaces where you do not with to make ksnuffle setuid-root nor to run as root.

Next Previous Table of Contents