hi jeff,
i don't think you can snoop/sniff the stuff on the cable segment using no
protocol bound to the nic, although you can put that nic in promiscuous mode
without one. i've tried this on solaris, since it's the os i use, but it failed
to sniff anything on the network. if you worry about security, get the
designated machine, strip the os and rock'n'roll. you don't really care if
that machine is hacked or not; all you care about are the logs, which you can
save onto another box.
later, peter
>From: "Burgess, Jeff" <[EMAIL PROTECTED]>
>To: "'[EMAIL PROTECTED]'" <[EMAIL PROTECTED]>
>Subject: NICs and Protocols
>Date: Mon, 16 Aug 1999 15:29:50 -0400
>
>
> Hey,
> I have a question regarding running a NIC card in promiscuous mode
>without any protocols bound to it.
>
> Scenario is, we want to place a "monitoring" machine on our internal
>network to watch things, the idea arose to put a second NIC in the box to
>put in our DMZ (*Sort of like dual homing the machine, but without any
>protocols bound to it*).
>
> Now, being the security "cop" this raised several red flags for me while my
>mind was screaming out "no way in hell!" but I couldn't come up with one
>solid reason as to why not, so they want to go ahead with it.
>
> What I'm looking for from some of you more knowledgeable gurus is a
>reason not to let this happen, or reassurances from you as to why this isn't
>a problem, as my synapses are all screaming at me like Spider-Man!!!
>
> ;-)
>
>-
>[To unsubscribe, send mail to [EMAIL PROTECTED] with
>"unsubscribe firewalls" in the body of the message.]