"Craig I. Hagan" wrote:
>
> if you snip the tx lead so that the machine can't send data, period, then this
> should be fine --
Actually, not. Try this with any modern day hub or switch. No Tx means
no link which means the port will not initialize. If the port does not
go active you have no Rx either.
Of course this would insure the system stays *secure*. ;)
> however, i wouldn't have the machine bridge to another
> network, even with the lead snipped, use the serial port to manage me machine,
> then there is no risk of packets being leaked.
Could you expand on this a bit? I'm not sure under what conditions
packets could "leak" when the OS has no protocols bound in order to
receive packets let alone decode them and pass them along. An example of
how an attacker could do this would be very cool.
Thanks!
Chris
--
**************************************
[EMAIL PROTECTED]
* Multiprotocol Network Design & Troubleshooting
http://www.amazon.com/exec/obidos/ASIN/0782120822/geekspeaknet
* Mastering Network Security
http://www.amazon.com/exec/obidos/ASIN/0782123430/geekspeaknet
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
