netifera Blog

November 25th, 2008

About the backdoor in netifera

Some of you might be wondering why the netifera distribution includes an executable called ‘backdoor’.

We deliberately chose that name to draw attention to the fact that if you install this feature correctly you will be creating a security vulnerability on your system: Anybody who can execute the backdoor binary will be able to capture and send raw network packets.  We think this risk is minor and acceptable considering that it makes netifera much simpler to launch and use, but it’s disabled by default and should not be enabled without understanding the implications.

We’ll explain all the details of why it exists and how it works, and how large of a security hole it creates so you can decide for yourself if you want to use it or not.

Read the rest of this entry »