I'm assuming here by the information you've given so if i'm wrong please correct me. You want to make a cable that allows the traffic to go in one direction. the idea being that your snort box does not send information just receives it. I don't think you can do this with a special cable as ethernet need to be able to send acks back to let the sending side know that it received that data. So you will need to do this at OS level not with a special cable. If you were to do what you were suggesting the sending box would send only the number of packets in the TCP window and that would be it (it mayt resend them but in the end it will just be a small set of information ). you will need to do this with chain rules.
If my assumptions were totally wrong sorry. cheers, Rory On Tue, 11 Feb 2003, Naman Latif wrote: > Hi, > Can anyone tell me how to make a Read-Only Ethernet Cable to be used > with Snort\Sniffer > > IS this correct > > LAN Snort\Switch > 1 1 > 2 2 > 3----------3 > 4 > 5 > 6----------6 > 7 > 8 > > Then on both sides, connect 1&2 to eachother ? > > \\ Naman >
