From owner-freebsd-security  Thu Sep  9 10:24:37 1999
Delivered-To: freebsd-security@freebsd.org
Received: from gndrsh.dnsmgr.net (GndRsh.dnsmgr.net [198.145.92.4])
	by hub.freebsd.org (Postfix) with ESMTP id 49E9B152A3
	for <freebsd-security@FreeBSD.ORG>; Thu,  9 Sep 1999 10:24:33 -0700 (PDT)
	(envelope-from freebsd@gndrsh.dnsmgr.net)
Received: (from freebsd@localhost)
	by gndrsh.dnsmgr.net (8.9.3/8.9.3) id KAA18571;
	Thu, 9 Sep 1999 10:21:20 -0700 (PDT)
	(envelope-from freebsd)
From: "Rodney W. Grimes" <freebsd@gndrsh.dnsmgr.net>
Message-Id: <199909091721.KAA18571@gndrsh.dnsmgr.net>
Subject: Re: Lisen only NIC
In-Reply-To: <xzpd7vsnmq2.fsf@flood.ping.uio.no> from Dag-Erling Smorgrav at "Sep 9, 1999 05:11:49 pm"
To: des@flood.ping.uio.no (Dag-Erling Smorgrav)
Date: Thu, 9 Sep 1999 10:21:20 -0700 (PDT)
Cc: newton@atdot.dotat.org (Mark Newton),
	Goran.Lowkrantz@infologigruppen.se (Lowkrantz Goran),
	freebsd-security@FreeBSD.ORG
X-Mailer: ELM [version 2.4ME+ PL54 (25)]
MIME-Version: 1.0
Content-Type: text/plain; charset=US-ASCII
Content-Transfer-Encoding: 7bit
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org

> Mark Newton <newton@atdot.dotat.org> writes:
> > Lowkrantz, Goran wrote:
> >  > To check on our DMZs I  am building a monitor system with a protected
> >  > interface connected to the internal network and a multiport card to monitor
> >  > the consoles of the systems in the DMZs. To check for attacks I have setup
> >  > Snort and have tested with the Vision IDS but I want to hide the network
> >  > interface completely so that it can't be seen or heard or attacked or
> >  > anything.
> > Cut the transmit pin on your patchlead.
> 
> No. You'll lose link. Instead, use an external tranceiver and cut the
> transmit pin on the AUI end of the tranceiver. Search the BUGTRAQ
> archives for URLs to detailed descriptions of how to do this (and why
> cutting the transmit pin on a 10BaseT patch cable won't work)

Do any of them talk about drilling the trace between the NIC chip and
the MAU chip/isolation?  Thats where the ``AUI'' cable is now :-)

This is often best done on the input side of the isolation transformer
so that the input to the MAU chip is still properly balanced.

-- 
Rod Grimes - KD7CAX - (RWG25)                    rgrimes@gndrsh.dnsmgr.net


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message