1 |
wirecutters/stanley knife as appropriate - cut the tx wires in the cable |
2 |
to the card. In one case where the box had to absolutely silent (hacker |
3 |
proof, undetectable monitoring - think it was the honeypot project where |
4 |
I saw this one?), the wires from the socket to the circuit board on the |
5 |
card itself were cut. |
6 |
|
7 |
BillK |
8 |
|
9 |
On Tue, 2005-10-18 at 23:19 +0000, James wrote: |
10 |
> Hello, |
11 |
> |
12 |
> For a variety of reasons, I need to be able to make an ethernet |
13 |
> interface on a gentoo system, change into listen only (stealth mode). |
14 |
> Kind of like half duplex, so to speak. Any simple tricks? |
15 |
> Just disabling all responses from the ethernet interface would do. |
16 |
> I know I can just use 'ifconfig eth0 down' but anything more |
17 |
> elegant or that would allow the interface to keep receiving |
18 |
> packets for analysis and logging would be better. |
19 |
> |
20 |
> At other times I need to run a full blown IDS, like snort, |
21 |
> on an ethernet port, but without being externally detected. |
22 |
> What would be best method (tools) to ensure the interface is actually |
23 |
> not detectable on a given lan segment? |
24 |
> Here is a good (Redhat) but old link that kind of outlines the idea: |
25 |
> |
26 |
> http://www.linuxjournal.com/article/6222 |
27 |
> |
28 |
> Any web pages, documents or information that is more current and |
29 |
> gentoo specific would be of greatly appreciated. |
30 |
> |
31 |
> TIA, |
32 |
> |
33 |
> James |
34 |
> |
35 |
-- |
36 |
William Kenworthy <billk@×××××××××.au> |
37 |
Home! |
38 |
-- |
39 |
gentoo-user@g.o mailing list |