Date: Thu, 9 Sep 1999 10:21:20 -0700 (PDT) From: "Rodney W. Grimes" <freebsd@gndrsh.dnsmgr.net> To: des@flood.ping.uio.no (Dag-Erling Smorgrav) Cc: newton@atdot.dotat.org (Mark Newton), Goran.Lowkrantz@infologigruppen.se (Lowkrantz Goran), freebsd-security@FreeBSD.ORG Subject: Re: Lisen only NIC Message-ID: <199909091721.KAA18571@gndrsh.dnsmgr.net> In-Reply-To: <xzpd7vsnmq2.fsf@flood.ping.uio.no> from Dag-Erling Smorgrav at "Sep 9, 1999 05:11:49 pm"
next in thread | previous in thread | raw e-mail | index | archive | help
> Mark Newton <newton@atdot.dotat.org> writes: > > Lowkrantz, Goran wrote: > > > To check on our DMZs I am building a monitor system with a protected > > > interface connected to the internal network and a multiport card to monitor > > > the consoles of the systems in the DMZs. To check for attacks I have setup > > > Snort and have tested with the Vision IDS but I want to hide the network > > > interface completely so that it can't be seen or heard or attacked or > > > anything. > > Cut the transmit pin on your patchlead. > > No. You'll lose link. Instead, use an external tranceiver and cut the > transmit pin on the AUI end of the tranceiver. Search the BUGTRAQ > archives for URLs to detailed descriptions of how to do this (and why > cutting the transmit pin on a 10BaseT patch cable won't work) Do any of them talk about drilling the trace between the NIC chip and the MAU chip/isolation? Thats where the ``AUI'' cable is now :-) This is often best done on the input side of the isolation transformer so that the input to the MAU chip is still properly balanced. -- Rod Grimes - KD7CAX - (RWG25) rgrimes@gndrsh.dnsmgr.net To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199909091721.KAA18571>