Quoting Robert McMahon <rwmat_private>: > edit /etc/sysconfig/network-scripts/ifcfg-eth2 file and remove all entries > and > add the following: > DEVICE=eth2 > ONBOOT=yes > PROMISC=yes > ARP=no > > These settings will activate the interface, put it in promiscuous mode > without an > IP address and will turn ARP off. Turning ARP off is important because the > interface will still respond to an ARP request even without an IP address. > And in case you are using Snort on OpenBSD(I don't know about NetBSD), edit the /etc/hostname.fxp1 (or whatever file you have for the specific interface) and add this - up That's it. Nilesh Chaudhari. -- > > > > "Paul D. Robertson" wrote: > > > On 3 Oct 2002, James X wrote: > > > > > One stumbling box has been the idea of a stealth port. I usually > > > operate my IDS boxes with the interfaces in stealth mode ie no IP > > > address or stack. I do not know of a way of acheiving this using linux > > > or netBSD etc.. and without it I would feel rather vulnerable. To help > > > > Maybe it's just me, but how about just not putting an IP address on the > > interface? > > > > I doubt you can get away with not puting IP in the kernel, but I really > > don't know enough about how libpcap does its thing to say for sure... > > > > Paul > > > ----------------------------------------------------------------------------- > > Paul D. Robertson "My statements in this message are personal > opinions > > probertsat_private which may have no basis whatsoever in fact." > > probertsonat_private Director of Risk Assessment TruSecure > Corporation > > > > _______________________________________________ > > firewall-wizards mailing list > > firewall-wizardsat_private > > http://honor.icsalabs.com/mailman/listinfo/firewall-wizards > > _______________________________________________ > firewall-wizards mailing list > firewall-wizardsat_private > http://honor.icsalabs.com/mailman/listinfo/firewall-wizards > _______________________________________________ firewall-wizards mailing list firewall-wizardsat_private http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
This archive was generated by hypermail 2b30 : Sat Oct 05 2002 - 17:56:22 PDT