Date: Thu, 9 Sep 1999 12:42:53 -0700 (PDT)
From: "Rodney W. Grimes" <freebsd@gndrsh.dnsmgr.net>
To: imp@village.org (Warner Losh)
Cc: jwyatt@rwsystems.net (James Wyatt), Goran.Lowkrantz@infologigruppen.se (Lowkrantz Goran), freebsd-security@FreeBSD.ORG
Subject: Re: Lisen only NIC
Message-ID: <199909091942.MAA18877@gndrsh.dnsmgr.net>
In-Reply-To: <199909091922.NAA30860@harmony.village.org> from Warner Losh at "Sep 9, 1999 01:22:43 pm"

> In message <Pine.BSF.4.10.9909091259540.45536-100000@bsdie.rwsystems.net> James Wyatt writes:
> : The only *true* way I know of to get a listen-only NIC, is to physically
> : disconnect the xmit line on the NIC. When I read about this in the
> : "Repelling the wily hacker" internet firewall/security book and tried it
> : on an old 3Com 3c503, I thought it was sufficient and *really* secure.
> : (The book is so good I've loaned it out so email for ISBN. Great book!)
>
> I've seen in other discussions that while you could do this with the
> AUI based ethernet cards, you can't do this with 10base2 or 10base-t
> cards. Thinnet is obvious...

Actually 10base2 and 10baseT cards are usually very easy to do, they
still have an AUI interface between the NIC chip and the MAU chip. You
just need to find it on the board and ``clip'' the traces.

> But the 10-base-t/100-base-t cards need
> the xmit lines to negotiate speed settings with the hub. Can anybody
> confirm this?

Dual mode cards, and actually 100BaseT changed the game somewhat. But
thankfully MII came along. MII is a fancier AUI, I don't have a data
book with it in here, but you should be able to achieve the same effect
by cutting the Xmit pair between the NIC and MII chip. It may fail
auto-negotiation, but given that the MII chip is supposed to handle all
that it may just work fine.

Anyone have the datasheet on the SEEQ NQ80220/G MII chip so I can do
some surgery and test things out??

Oohhhhh... and is anyone seeing this from very recent Kingston KNE100TX
cards:

de0: <Digital 21143 Fast Ethernet> rev 0x41 int a irq 10 on pci0.14.0
de0: 21143 [10-100Mb/s] pass 4.1 (invalid EESPROM checksum)
de0: address 00:c0:f0:4a:07:54
de0: enabling 100baseTX port

The cards work fine... but our customers are asking what is up with this
and I wanted to ask if anyone else is seeing it on any DEC based cards.

-- 
Rod Grimes - KD7CAX - (RWG25)                    rgrimes@gndrsh.dnsmgr.net