Re: securing nic's for snort

From: Burak DAYIOGLU (dayioglu@metu.edu.tr)
Date: 05/29/02 

Date: Wed, 29 May 2002 09:45:17 +0300
From: Burak DAYIOGLU <dayioglu@metu.edu.tr>
To: focus-linux@securityfocus.com

Patrick Morris wrote:

>You've pretty much got two options on this. You can have a stealth
>interface (which just means you've got no IP address assigned to it, so
>it listens on the network but there's no address to hit it on), or
>you can go all out and attach it to your hub/switch with a
>listen-only cable (one with the transmit wires removed).
>
>
Better yet, you can merge this two "options". Use a receive-only cable
(search focus-ids archives
for extensive discussions on this) and do not attach an IP address to
that interface.

regards. 

-- 
Burak DAYIOGLU
Phone: +90 312 2103379      Fax: +90 312 2103333
http://www.dayioglu.net        ICQ UIN: 72276975

Relevant Pages

  • Re: ipAttach error
    ... ifAddrSet to attach to dc1 device. ... Would that be part of the BSP? ... Attaching network interface lo0... ... present for fei0 and fei1, and if present, check if any of them is ...
    (comp.os.vxworks)
  • Re: ipAttach error
    ... ifAddrSet to attach to dc1 device. ... Would that be part of the BSP? ... Attaching network interface lo0... ... present for fei0 and fei1, and if present, check if any of them is ...
    (comp.os.vxworks)
  • Re: ipAttach error
    ... ifAddrSet to attach to dc1 device. ... Copyright 1984-2002 Wind River Systems, ... Attached TCP/IP interface to fei0. ...
    (comp.os.vxworks)
  • Re: IDS Stealth Mode
    ... The stealth interface hasn't to my knowledge been exploited but as you say ... Personally I'd be willing to accept the risk. ... Taliskers Network Security Tools ... Subject: IDS Stealth Mode ...
    (Focus-IDS)
  • ipAttach error
    ... The source code is using the functions ipAttach, ifMaskSet, ... ifAddrSet to attach to dc1 device. ... Attached TCP/IP interface to fei0. ...
    (comp.os.vxworks)