Hello, For a variety of reasons, I need to be able to make an ethernet interface on a gentoo system, change into listen only (stealth mode). Kind of like half duplex, so to speak. Any simple tricks? Just disabling all responses from the ethernet interface would do. I know I can just use 'ifconfig eth0 down' but anything more elegant or that would allow the interface to keep receiving packets for analysis and logging would be better.
At other times I need to run a full blown IDS, like snort, on an ethernet port, but without being externally detected. What would be best method (tools) to ensure the interface is actually not detectable on a given lan segment? Here is a good (Redhat) but old link that kind of outlines the idea: http://www.linuxjournal.com/article/6222 Any web pages, documents or information that is more current and gentoo specific would be of greatly appreciated. TIA, James -- [email protected] mailing list

