From owner-freebsd-isp  Fri Aug 20 14:50:49 1999
Delivered-To: freebsd-isp@freebsd.org
Received: from richard2.pil.net (richard2.pil.net [207.8.164.9])
	by hub.freebsd.org (Postfix) with SMTP id BE50D15B2E
	for <freebsd-isp@freebsd.org>; Fri, 20 Aug 1999 14:50:42 -0700 (PDT)
	(envelope-from up@pil.net)
Received: (qmail 22417 invoked by uid 1825); 20 Aug 1999 21:50:00 -0000
Date: Fri, 20 Aug 1999 17:49:59 -0400 (EDT)
From: <up@3.am>
X-Sender: up@richard2.pil.net
To: Arjan van der Oest <arjan@nl.demon.net>
Cc: freebsd-isp@freebsd.org
Subject: Re: multiple machines in the same network
In-Reply-To: <Pine.BSF.4.10.9908202336450.77552-100000@inventionz.noc.nl.demon.net>
Message-ID: <Pine.GSO.3.96.990820174824.22232B-100000@richard2.pil.net>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: owner-freebsd-isp@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org

On Fri, 20 Aug 1999, Arjan van der Oest wrote:

> On Fri, 20 Aug 1999 up@3.am wrote:
> 
> > The best way is to just put a router between your colo customers and your
> > own LAN.  Second best is to employ an Ether switch.  The only way I know
> > of for the former method to sniff the LAN is to spoof the MAC address of a
> > box who's packets you want to intercept.
> 
> Just a router ? What about a firewalling router ?

Assuming you firewall to the outside world, sure.  Otherwise, it's fairly
pointless.  The main issue (IMHO) is to keep them from sniffing broadcast
packets.

James Smallacombe		      PlantageNet, Inc. CEO and Janitor
up@3.am							    http://3.am
=========================================================================
ISPF 3 - The Forum for ISPs by ISPs(tm)  ||  Nov 15-17, 1999, New Orleans
3 days of clues, news, and views from the industry's best and brightest.
     Visit <http://www.ispf.com/> for information and registration.
=========================================================================



To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-isp" in the body of the message