Cut the transmit cable pair on the Ethernet cable of your Internet link, or
make a special cable with only the receive pair connected. If you are
using an auto-configure hub/switch or NIC, you might need to hard-configure
one or both to the proper Ethernet speed and duplex. Label the cable
conspicuously!
Caution: I've read about, but never used, this technique. Still, it's
cheap to try (a $10 cable and a few minutes of labor), and if it works, it is
about as foolproof as you can get.
-- Rex
>Date: Wed, 22 Mar 2000 12:13:28 -0500
>From: "Gene Lee" <[EMAIL PROTECTED]>
>Subject: OpenBSD multi-homed IDS risks
>...
>I am in the middle of playing with IDS and due to hardware constraints, I am
>planning on running a temporary multi-homed IDS on my test lab, where one
>NIC is connected to the internet and the other NIC on the intranet (which
>provides a potential by-pass around the multi-homed firewall I have running
>parallel to it).
>...
>The current problem is that I need to make sure there is no leakage of
>internal traffic through the Internet NIC. I also need to be assured that
>the NIC does not inadvertently respond to broadcast traffic despite it not
>having an IP address. Does anyone know of any way anyone can make this box
>respond from the Internet using my configuration? Any other hardening
>techniques to make this more secure in this temporary configuration?
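As an added check (example code, not from anyone in this thread): the receive-only cable removes the transmit path physically, and the NIC's transmit counters are the cheap way to confirm that nothing is actually leaving the sniffing interface. This script compares two counter snapshots and flags any transmit on the monitoring NIC; the snapshots are constructed samples in Linux /proc/net/dev format (an assumption, since the box in the thread runs OpenBSD, where you would feed in the equivalent netstat counters), and the interface names fxp0/fxp1 are hypothetical.

```python
# Constructed sample snapshots in Linux /proc/net/dev layout (assumed format).
# fxp0 is the intranet/management NIC, fxp1 the receive-only Internet NIC.
# Columns after "iface:": 8 receive counters, then 8 transmit counters.
BEFORE = """\
Inter-|   Receive                                                |  Transmit
 face |bytes    packets errs drop fifo frame compressed multicast|bytes    packets errs drop fifo colls carrier compressed
  fxp0:  500000    4100    0    0    0     0          0        10   300000    2900    0    0    0     0       0          0
  fxp1: 9000000   80000    0    0    0     0          0       500        0       0    0    0    0     0       0          0
"""
# Later snapshot: fxp0 kept talking as expected, but fxp1 answered three frames
# it should never have been able to send (the inadvertent-response case).
AFTER = """\
Inter-|   Receive                                                |  Transmit
 face |bytes    packets errs drop fifo frame compressed multicast|bytes    packets errs drop fifo colls carrier compressed
  fxp0:  520000    4300    0    0    0     0          0        12   310000    2950    0    0    0     0       0          0
  fxp1: 9400000   83000    0    0    0     0          0       520      180       3    0    0    0     0       0          0
"""


def parse_counters(snapshot):
    """Map interface name -> rx/tx packet and byte counters; skips header rows."""
    counters = {}
    for line in snapshot.splitlines():
        name, sep, rest = line.partition(":")
        fields = rest.split()
        if not sep or len(fields) != 16:
            continue  # the two header lines carry no ':' / no 16 numeric fields
        counters[name.strip()] = {
            "rx_bytes": int(fields[0]), "rx_packets": int(fields[1]),
            "tx_bytes": int(fields[8]), "tx_packets": int(fields[9]),
        }
    return counters


def tx_delta(before, after, iface):
    """(packets, bytes) transmitted by iface between the two snapshots."""
    b, a = parse_counters(before)[iface], parse_counters(after)[iface]
    return a["tx_packets"] - b["tx_packets"], a["tx_bytes"] - b["tx_bytes"]


def monitor_nic_leaks(before, after, iface):
    """True if the supposedly receive-only NIC transmitted anything at all."""
    packets, nbytes = tx_delta(before, after, iface)
    return packets > 0 or nbytes > 0


if __name__ == "__main__":
    for nic in ("fxp0", "fxp1"):
        pkts, nbytes = tx_delta(BEFORE, AFTER, nic)
        print(f"{nic}: tx +{pkts} packets / +{nbytes} bytes")
    print("fxp1 leaks:", monitor_nic_leaks(BEFORE, AFTER, "fxp1"))
```

Run it periodically (or from cron) against the live counters; with a correctly built receive-only cable the fxp1 transmit delta must stay at zero forever, and any non-zero value means the box can be reached from the Internet side.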