On Wed, 25 Jun 2003, Benjamin J. Weiss wrote:

> You can actually go two routes for a good snort box in an untrusted zone.
> 
> 2) Don't give the box an IP address.  I don't know the specifics, but I've seen in 
> CERT lists that you can put the NIC in promiscuous mode without an IP.  The box will 
> still receive all of the packets on the wire, but it won't be able to reply and the 
> black hats won't be able to see the box.  You'll have to do everything from the 
> console, but you'll have a truly hack-proof box.


And there are a couple (at least) different routes then available.

        1.      add a second NIC to the host and connect that to a secure
                trusted network (is there such a thing?) that provides you
                remote access to that host.


        2.      set up the host to provide console access via the serial
                port. watch the word wrap.  reference:

http://www.ibiblio.org/pub/Linux/docs/HOWTO/other-formats/html_single/Remote-Serial-Console-HOWTO.html



