Please excuse if this has been covered before - and please feel free to point me in the appropriate direction. What is the best setup (that is secure) for a network connection for passive sensing? I presently have a sensor set up with ARP and XMIT turned off, and I certainly cannot ping the interface. And it works just fine as a sensor. I'm working on Solaris 8 for one sensor and OpenBSD for the other. Solaris tcpdump definitely doesn't like an interface that's been plumbed but doesn't have an IP address assigned. I'm presently using 127.0.0.2 and it seems to be working just fine. Any suggestions on a better setup? How secure is this? Thanks!! -randy - This is the TCPDUMP workers list. It is archived at http://www.tcpdump.org/lists/workers/index.html To unsubscribe use mailto:[EMAIL PROTECTED]?body=unsubscribe
